Export limit exceeded: 347111 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 347111 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (347111 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-2578 | 1 Wow-company | 1 Wp Coder | 2026-04-28 | 5.9 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPCoder WP Coder allows Stored XSS.This issue affects WP Coder: from n/a through 3.5. | ||||
| CVE-2024-25097 | 1 Themencode | 1 Tnc Pdf Viewer | 2026-04-28 | 6.5 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ThemeNcode LLC TNC PDF viewer allows Stored XSS.This issue affects TNC PDF viewer: from n/a through 2.8.0. | ||||
| CVE-2024-25594 | 1 Savvy | 1 Mywaze | 2026-04-28 | 6.5 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Savvy Wordpress Development MyWaze allows Stored XSS.This issue affects MyWaze: from n/a through 1.6. | ||||
| CVE-2024-25597 | 1 Etoilewebdesign | 1 Ultimate Reviews | 2026-04-28 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Etoile Web Design Ultimate Reviews allows Stored XSS.This issue affects Ultimate Reviews: from n/a through 3.2.8. | ||||
| CVE-2024-25596 | 1 Doofinder | 1 Doofinder | 2026-04-28 | 5.9 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Doofinder Doofinder for WooCommerce allows Stored XSS.This issue affects Doofinder for WooCommerce: from n/a through 2.1.8. | ||||
| CVE-2024-25099 | 1 Paytium | 1 Paytium | 2026-04-28 | 6.5 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in David de Boer Paytium: Mollie payment forms & donations allows Stored XSS.This issue affects Paytium: Mollie payment forms & donations: from n/a through 4.4.2. | ||||
| CVE-2024-25592 | 1 Wpmudev | 1 Broken Link Checker | 2026-04-28 | 5.9 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPMU DEV Broken Link Checker allows Stored XSS.This issue affects Broken Link Checker: from n/a through 2.2.3. | ||||
| CVE-2024-25593 | 1 Basixonline | 1 Nex-forms | 2026-04-28 | 6.5 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Basix NEX-Forms – Ultimate Form Builder allows Stored XSS.This issue affects NEX-Forms – Ultimate Form Builder: from n/a through 8.5.5. | ||||
| CVE-2024-25101 | 1 Wpmaspik | 1 Maspik | 2026-04-28 | 5.9 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in yonifre Maspik – Spam Blacklist allows Stored XSS.This issue affects Maspik – Spam Blacklist: from n/a through 0.10.6. | ||||
| CVE-2024-25096 | 1 Canto | 1 Canto | 2026-04-28 | 10 Critical |
| Improper Control of Generation of Code ('Code Injection') vulnerability in Canto Inc. Canto allows Code Injection.This issue affects Canto: from n/a through 3.0.7. | ||||
| CVE-2024-25098 | 1 Bajorat-media | 1 Pb Oembed Html5 Audio | 2026-04-28 | 6.5 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Pascal Bajorat PB oEmbed HTML5 Audio – with Cache Support allows Stored XSS.This issue affects PB oEmbed HTML5 Audio – with Cache Support: from n/a through 2.6. | ||||
| CVE-2024-25591 | 1 Benjaminrojas | 1 Wp Editor | 2026-04-28 | 5.3 Medium |
| Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Benjamin Rojas WP Editor.This issue affects WP Editor: from n/a through 1.2.7. | ||||
| CVE-2024-25094 | 1 Primitiv | 1 Pj News Ticker | 2026-04-28 | 6.5 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Paul Jura & Nicolas Montigny PJ News Ticker allows Stored XSS.This issue affects PJ News Ticker: from n/a through 1.9.5. | ||||
| CVE-2024-24935 | 1 Wpsimpletools | 1 Basic Log Viewer | 2026-04-28 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in WpSimpleTools Basic Log Viewer.This issue affects Basic Log Viewer: from n/a through 1.0.4. | ||||
| CVE-2024-25093 | 1 Dev4press | 1 Gd Rating System | 2026-04-28 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Milan Petrovic GD Rating System allows Stored XSS.This issue affects GD Rating System: from n/a through 3.5. | ||||
| CVE-2024-24926 | 1 Unitedthemes | 2 Brooklyn, Brooklyn Creativie Multi Purpose Responsive Wordpress Theme | 2026-04-28 | 7.5 High |
| Deserialization of Untrusted Data vulnerability in UnitedThemes Brooklyn | Creative Multi-Purpose Responsive WordPress Theme.This issue affects Brooklyn | Creative Multi-Purpose Responsive WordPress Theme: from n/a through 4.9.7.6. | ||||
| CVE-2024-24932 | 1 Zixn | 1 Vk Poster Group | 2026-04-28 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Djo VK Poster Group allows Reflected XSS.This issue affects VK Poster Group: from n/a through 2.0.3. | ||||
| CVE-2024-24933 | 1 Prasidhdamalla | 1 Honeypot For Wp Comment | 2026-04-28 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Prasidhda Malla Honeypot for WP Comment allows Reflected XSS.This issue affects Honeypot for WP Comment: from n/a through 2.2.3. | ||||
| CVE-2024-24931 | 1 Swadeshswain | 1 Before After Image Slider | 2026-04-28 | 6.5 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in swadeshswain Before After Image Slider WP allows Stored XSS.This issue affects Before After Image Slider WP: from n/a through 2.2. | ||||
| CVE-2024-24884 | 1 Ari-soft | 1 Contact Form 7 Connector | 2026-04-28 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in ARI Soft Contact Form 7 Connector.This issue affects Contact Form 7 Connector: from n/a through 1.2.2. | ||||