Export limit exceeded: 17805 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 347146 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 347146 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (347146 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-27960 | 1 I13websolution | 1 Email Subscription Popup | 2026-04-28 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in I Thirteen Web Solution Email Subscription Popup allows Stored XSS.This issue affects Email Subscription Popup: from n/a through 1.2.20. | ||||
| CVE-2024-27959 | 1 Wpexperts | 1 Wc Shop Sync | 2026-04-28 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Wpexpertsio WC Shop Sync – Integrate Square and WooCommerce for Seamless Shop Management allows Reflected XSS.This issue affects WC Shop Sync – Integrate Square and WooCommerce for Seamless Shop Management: from n/a through 4.2.9. | ||||
| CVE-2024-27958 | 2 Themeisle, Wordpress | 2 Visualizer, Wordpress | 2026-04-28 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Themeisle Visualizer allows Reflected XSS.This issue affects Visualizer: from n/a through 3.10.5. | ||||
| CVE-2024-27957 | 1 Genetechsolutions | 1 Pie Register | 2026-04-28 | 10 Critical |
| Unrestricted Upload of File with Dangerous Type vulnerability in Pie Register.This issue affects Pie Register: from n/a through 3.8.3.1. | ||||
| CVE-2024-27194 | 1 Andrei Ivasiuc | 1 Fontific | 2026-04-28 | 7.1 High |
| Cross-Site Request Forgery (CSRF) vulnerability in Andrei Ivasiuc Fontific | Google Fonts allows Stored XSS.This issue affects Fontific | Google Fonts: from n/a through 0.1.6. | ||||
| CVE-2024-25933 | 1 Peprodev | 1 Peprodev Ultimate Invoice | 2026-04-28 | 5.3 Medium |
| Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Pepro Dev. Group PeproDev Ultimate Invoice.This issue affects PeproDev Ultimate Invoice: from n/a through 1.9.7. | ||||
| CVE-2024-25927 | 2 Jmash, Wordpress | 2 Postmash, Wordpress | 2026-04-28 | 9.3 Critical |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Joel Starnes postMash – custom post order.This issue affects postMash – custom post order: from n/a through 1.2.0. | ||||
| CVE-2024-25915 | 2 Raajtram, Wordpress | 2 Pexels\, Wordpress | 2026-04-28 | 4.9 Medium |
| Server-Side Request Forgery (SSRF) vulnerability in Raaj Trambadia Pexels: Free Stock Photos.This issue affects Pexels: Free Stock Photos: from n/a through 1.2.2. | ||||
| CVE-2024-25903 | 1 Najeebmedia | 1 Frontend File Manager | 2026-04-28 | 5.3 Medium |
| Exposure of Sensitive Information to an Unauthorized Actor vulnerability in N-Media Frontend File Manager.This issue affects Frontend File Manager: from n/a through 22.7. | ||||
| CVE-2024-25902 | 2 Miniorange, Wordpress | 2 Malware Scanner, Wordpress | 2026-04-28 | 7.6 High |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in miniorange Malware Scanner.This issue affects Malware Scanner: from n/a through 4.7.2. | ||||
| CVE-2024-25598 | 1 Livemeshelementor | 1 Addons For Elementor | 2026-04-28 | 6.5 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Livemesh Livemesh Addons for Elementor allows Stored XSS.This issue affects Livemesh Addons for Elementor: from n/a through 8.3. | ||||
| CVE-2024-25100 | 1 Wpswings | 1 Coupon Referral Program | 2026-04-28 | 10 Critical |
| Deserialization of Untrusted Data vulnerability in WP Swings Coupon Referral Program allows Object Injection.This issue affects Coupon Referral Program: from n/a before 1.8.4. | ||||
| CVE-2024-24868 | 1 Smartypantsplugins | 1 Sp Project \& Document Manager | 2026-04-28 | 8.5 High |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Smartypants SP Project & Document Manager.This issue affects SP Project & Document Manager: from n/a through 4.69. | ||||
| CVE-2024-24799 | 2 Woocommerce, Wordpress | 3 Box Office, Woocommerce Box Office, Wordpress | 2026-04-28 | 6.5 Medium |
| Missing Authorization vulnerability in WooCommerce WooCommerce Box Office.This issue affects WooCommerce Box Office: from n/a through 1.2.2. | ||||
| CVE-2024-22162 | 1 Wpzoom | 1 Wpzoom Shortcodes | 2026-04-28 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPZOOM WPZOOM Shortcodes allows Reflected XSS.This issue affects WPZOOM Shortcodes: from n/a through 1.0.3. | ||||
| CVE-2023-52190 | 1 Wpswings | 1 Coupon Referral Program | 2026-04-28 | 7.5 High |
| Exposure of Sensitive Information to an Unauthorized Actor vulnerability in WP Swings Coupon Referral Program.This issue affects Coupon Referral Program: from n/a through 1.7.2. | ||||
| CVE-2023-52135 | 1 Westguardsolutions | 1 Ws Form | 2026-04-28 | 7.6 High |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in WS Form WS Form LITE – Drag & Drop Contact Form Builder for WordPress.This issue affects WS Form LITE – Drag & Drop Contact Form Builder for WordPress: from n/a through 1.9.170. | ||||
| CVE-2023-51531 | 2 Thrivethemes, Wordpress | 2 Thrive Automator, Wordpress | 2026-04-28 | 5.4 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in Thrive Themes Thrive Automator.This issue affects Thrive Automator: from n/a through 1.17. | ||||
| CVE-2023-51530 | 1 Gsplugins | 1 Logo Slider | 2026-04-28 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in GS Plugins Logo Slider – Logo Showcase, Logo Carousel, Logo Gallery and Client Logo Presentation.This issue affects Logo Slider – Logo Showcase, Logo Carousel, Logo Gallery and Client Logo Presentation: from n/a through 3.5.1. | ||||
| CVE-2023-51528 | 2 Aipower, Wordpress | 2 Aipower, Wordpress | 2026-04-28 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in Senol Sahin AI Power: Complete AI Pack – Powered by GPT-4.This issue affects AI Power: Complete AI Pack – Powered by GPT-4: from n/a through 1.8.12. | ||||