Export limit exceeded: 347147 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (347147 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-32430 | 1 Activecampaign | 1 Activecampaign | 2026-04-28 | 4.4 Medium |
| Server-Side Request Forgery (SSRF) vulnerability in ActiveCampaign.This issue affects ActiveCampaign: from n/a through 8.1.14. | ||||
| CVE-2024-32428 | 1 Mosswebworks | 1 Mww Disclaimer Buttons | 2026-04-28 | 5.9 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Moss Web Works MWW Disclaimer Buttons allows Stored XSS.This issue affects MWW Disclaimer Buttons: from n/a through 3.0.2. | ||||
| CVE-2024-32429 | 1 Wpchill | 1 Remove Footer Credit | 2026-04-28 | 5.9 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPChill Remove Footer Credit allows Stored XSS.This issue affects Remove Footer Credit: from n/a through 1.0.13. | ||||
| CVE-2024-32145 | 1 Wpgoaltracker | 1 Wp Google Analytics Events | 2026-04-28 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in PineWise WP Google Analytics Events allows Reflected XSS.This issue affects WP Google Analytics Events: from n/a through 2.8.0. | ||||
| CVE-2024-32135 | 2026-04-28 | 7.6 High | ||
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in WPZest Disable Comments | WPZest.This issue affects Disable Comments | WPZest: from n/a through 1.51. | ||||
| CVE-2024-32138 | 1 Kaizencoders | 1 Short Url | 2026-04-28 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in KaizenCoders Short URL allows Reflected XSS.This issue affects Short URL: from n/a through 1.6.8. | ||||
| CVE-2024-32132 | 2026-04-28 | 7.6 High | ||
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Codeboxr Team CBX Bookmark & Favorite.This issue affects CBX Bookmark & Favorite: from n/a through 1.7.20. | ||||
| CVE-2024-32142 | 2026-04-28 | 5.4 Medium | ||
| Missing Authorization vulnerability in Ovic Team Ovic Responsive WPBakery.This issue affects Ovic Responsive WPBakery: from n/a through 1.3.0. | ||||
| CVE-2024-32133 | 1 Ezplugins | 1 Ez Form Calculator | 2026-04-28 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Michael Schuppenies EZ Form Calculator allows Reflected XSS.This issue affects EZ Form Calculator: from n/a through 2.14.0.3. | ||||
| CVE-2024-32134 | 2026-04-28 | 7.6 High | ||
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Nasirahmed Forms to Zapier, Integromat, IFTTT, Workato, Automate.Io, elastic.Io, Built.Io, APIANT, Webhook.This issue affects Forms to Zapier, Integromat, IFTTT, Workato, Automate.Io, elastic.Io, Built.Io, APIANT, Webhook: from n/a through 1.1.12. | ||||
| CVE-2024-32139 | 1 Podlove | 1 Podlove Podcast Publisher | 2026-04-28 | 8.5 High |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Podlove Podlove Podcast Publisher.This issue affects Podlove Podcast Publisher: from n/a through 4.0.12. | ||||
| CVE-2024-32130 | 2 Paystack, Wordpress | 2 Payment Forms For Paystack, Wordpress | 2026-04-28 | 6.5 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Paystack Payment Forms for Paystack allows Stored XSS.This issue affects Payment Forms for Paystack: from n/a through 3.4.1. | ||||
| CVE-2024-32136 | 1 Wordpress | 1 Wordpress | 2026-04-28 | 7.6 High |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Xenioushk BWL Advanced FAQ Manager.This issue affects BWL Advanced FAQ Manager: from n/a through 2.0.3. | ||||
| CVE-2024-32137 | 1 Wordpress | 1 Wordpress | 2026-04-28 | 8.5 High |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Solwin User Activity Log Pro.This issue affects User Activity Log Pro: from n/a through 2.3.4. | ||||
| CVE-2024-32127 | 1 Markusseyer | 1 Find Duplicates | 2026-04-28 | 8.5 High |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Markus Seyer Find Duplicates.This issue affects Find Duplicates: from n/a through 1.4.6. | ||||
| CVE-2024-32129 | 2026-04-28 | 4.7 Medium | ||
| URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Freshworks Freshdesk (official).This issue affects Freshdesk (official): from n/a through 2.3.6. | ||||
| CVE-2024-32128 | 2026-04-28 | 9.3 Critical | ||
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Realtyna Realtyna Organic IDX plugin.This issue affects Realtyna Organic IDX plugin: from n/a through 4.14.4. | ||||
| CVE-2024-32125 | 1 Ba-booking | 1 Ba Book Everything | 2026-04-28 | 8.5 High |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Booking Algorithms BA Book Everything.This issue affects BA Book Everything: from n/a through 1.6.4. | ||||
| CVE-2024-32101 | 2 Omnisend, Wordpress | 2 Email Marketing For Woocommerce, Wordpress | 2026-04-28 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in Omnisend Email Marketing for WooCommerce by Omnisend omnisend-connect.This issue affects Email Marketing for WooCommerce by Omnisend: from n/a through <= 1.14.3. | ||||
| CVE-2024-32112 | 2026-04-28 | 4.3 Medium | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Leadinfo leadinfo. The patch was released under the same version which was reported as vulnerable. We consider the current version as vulnerable.This issue affects Leadinfo: from n/a through 1.0. | ||||