Export limit exceeded: 347094 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 347094 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (347094 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-22305 | 1 Kaliforms | 1 Kali Forms | 2026-04-28 | 7.5 High |
| Authorization Bypass Through User-Controlled Key vulnerability in ali Forms Contact Form builder with drag & drop for WordPress – Kali Forms.This issue affects Contact Form builder with drag & drop for WordPress – Kali Forms: from n/a through 2.3.36. | ||||
| CVE-2024-22304 | 1 Borbis | 1 Freshmail For Wordpress | 2026-04-28 | 5.4 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in Borbis Media FreshMail For WordPress.This issue affects FreshMail For WordPress: from n/a through 2.3.2. | ||||
| CVE-2024-23505 | 1 Dearhive | 1 Dearpdf | 2026-04-28 | 6.5 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in DearHive PDF Viewer & 3D PDF Flipbook – DearPDF allows Stored XSS.This issue affects PDF Viewer & 3D PDF Flipbook – DearPDF: from n/a through 2.0.38. | ||||
| CVE-2024-23508 | 1 Bplugins | 1 Pdf Poster | 2026-04-28 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in bPlugins PDF Poster – PDF Embedder Plugin for WordPress allows Reflected XSS.This issue affects PDF Poster – PDF Embedder Plugin for WordPress: from n/a through 2.1.17. | ||||
| CVE-2024-23510 | 1 Martynchamberlin | 1 Dont Muck My Markup | 2026-04-28 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in Martyn Chamberlin Don't Muck My Markup.This issue affects Don't Muck My Markup: from n/a through 1.8. | ||||
| CVE-2024-22306 | 1 Mangboard | 1 Mang Board | 2026-04-28 | 5.9 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Hometory Mang Board WP allows Stored XSS.This issue affects Mang Board WP: from n/a through 1.7.7. | ||||
| CVE-2024-22309 | 1 Quantumcloud | 1 Wpbot | 2026-04-28 | 8.7 High |
| Deserialization of Untrusted Data vulnerability in QuantumCloud ChatBot with AI.This issue affects ChatBot with AI: from n/a through 5.1.0. | ||||
| CVE-2024-23501 | 1 Shopfiles | 1 Ebook Store | 2026-04-28 | 5.9 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Shopfiles Ltd Ebook Store allows Stored XSS.This issue affects Ebook Store: from n/a through 5.788. | ||||
| CVE-2024-22310 | 1 Formzu | 1 Formzu Wp | 2026-04-28 | 6.5 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Formzu Inc. Formzu WP allows Stored XSS.This issue affects Formzu WP: from n/a through 1.6.7. | ||||
| CVE-2024-22308 | 1 Simple-membership-plugin | 1 Simple Membership | 2026-04-28 | 3.4 Low |
| URL Redirection to Untrusted Site ('Open Redirect') vulnerability in smp7, wp.Insider Simple Membership.This issue affects Simple Membership: from n/a through 4.4.1. | ||||
| CVE-2024-22311 | 2026-04-28 | 7.1 High | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in N Squared Simply Schedule Appointments allows Reflected XSS.This issue affects Simply Schedule Appointments: from n/a through 1.6.6.20. | ||||
| CVE-2024-22301 | 1 Eduva | 1 Albo Pretorio Online | 2026-04-28 | 5.3 Medium |
| Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Ignazio Scimone Albo Pretorio On line.This issue affects Albo Pretorio On line: from n/a through 4.6.6. | ||||
| CVE-2024-22302 | 1 Albo Pretorio On Line Project | 1 Albo Pretorio On Line | 2026-04-28 | 6.5 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Ignazio Scimone Albo Pretorio On line allows Stored XSS.This issue affects Albo Pretorio On line: from n/a through 4.6.6. | ||||
| CVE-2024-22293 | 1 Dontdream | 1 Bp Profile Search | 2026-04-28 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Andrea Tarantini BP Profile Search allows Reflected XSS.This issue affects BP Profile Search: from n/a through 5.5. | ||||
| CVE-2024-22299 | 2 Foliovision, Wordpress | 2 Fv Flowplayer Video Player, Wordpress | 2026-04-28 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Foliovision: Making the web work for you FV Flowplayer Video Player allows Reflected XSS.This issue affects FV Flowplayer Video Player: from n/a through 7.5.41.7212. | ||||
| CVE-2024-22300 | 2 Icegram, Wordpress | 2 Email Subscribers & Newsletters, Wordpress | 2026-04-28 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Icegram Email Subscribers & Newsletters allows Reflected XSS.This issue affects Email Subscribers & Newsletters: from n/a through 5.7.11. | ||||
| CVE-2024-22286 | 1 Aluka | 1 Ba Plus | 2026-04-28 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Aluka BA Plus – Before & After Image Slider FREE allows Reflected XSS.This issue affects BA Plus – Before & After Image Slider FREE: from n/a through 1.0.3. | ||||
| CVE-2024-22284 | 1 Asgaros | 1 Asgaros Forum | 2026-04-28 | 8.7 High |
| Deserialization of Untrusted Data vulnerability in Thomas Belser Asgaros Forum.This issue affects Asgaros Forum: from n/a through 2.7.2. | ||||
| CVE-2024-22287 | 1 Ludek | 1 Better Anchor Links | 2026-04-28 | 7.1 High |
| Cross-Site Request Forgery (CSRF) vulnerability in Luděk Melichar Better Anchor Links allows Cross-Site Scripting (XSS).This issue affects Better Anchor Links: from n/a through 1.7.5. | ||||
| CVE-2024-22292 | 1 Delower | 1 Wp To Do | 2026-04-28 | 6.5 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Delower WP To Do allows Stored XSS.This issue affects WP To Do: from n/a through 1.2.8. | ||||