Export limit exceeded: 347380 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 347380 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (347380 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-27952 | 1 Wpcodeus | 1 Advanced Sermons | 2026-04-28 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WP Codeus Advanced Sermons allows Reflected XSS.This issue affects Advanced Sermons: from n/a through 3.2. | ||||
| CVE-2024-27955 | 2 Wordpress, Wp Automatic | 2 Wordpress, Automatic | 2026-04-28 | 8.8 High |
| Cross-Site Request Forgery (CSRF) vulnerability in WP Automatic Automatic allows Privilege Escalation.This issue affects Automatic: from n/a through 3.92.0. | ||||
| CVE-2024-27956 | 1 Valvepress | 1 Automatic | 2026-04-28 | 9.9 Critical |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in ValvePress Automatic allows SQL Injection.This issue affects Automatic: from n/a through 3.92.0. | ||||
| CVE-2024-27953 | 1 Coolplugins | 1 Cryptocurrency Widgets | 2026-04-28 | 4.7 Medium |
| Missing Authorization vulnerability in Cool Plugins Cryptocurrency Widgets – Price Ticker & Coins List.This issue affects Cryptocurrency Widgets – Price Ticker & Coins List: from n/a through 2.6.8. | ||||
| CVE-2024-27948 | 1 Bytesforall | 1 Atahualpa | 2026-04-28 | 5.4 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in bytesforall Atahualpa.This issue affects Atahualpa: from n/a through 3.7.24. | ||||
| CVE-2024-27951 | 1 Themeisle | 1 Multiple Page Generator | 2026-04-28 | 9.1 Critical |
| Unrestricted Upload of File with Dangerous Type vulnerability in Themeisle Multiple Page Generator Plugin – MPG allows Upload a Web Shell to a Web Server.This issue affects Multiple Page Generator Plugin – MPG: from n/a through 3.4.0. | ||||
| CVE-2024-2721 | 1 Sygnoos | 1 Social Media Share Buttons | 2026-04-28 | 8.2 High |
| Deserialization of Untrusted Data vulnerability in Social Media Share Buttons By Sygnoos Social Media Share Buttons.This issue affects Social Media Share Buttons: from n/a through 2.1.0. | ||||
| CVE-2024-27196 | 1 Jmash | 1 Postmash | 2026-04-28 | 7.1 High |
| Cross Site Scripting (XSS) vulnerability in Joel Starnes postMash – custom post order allows Reflected XSS.This issue affects postMash – custom post order: from n/a through 1.2.0. | ||||
| CVE-2024-2702 | 1 Olivethemes | 1 Olive One Click Demo Import | 2026-04-28 | 8.2 High |
| Missing Authorization vulnerability in Olive Themes Olive One Click Demo Import allows importing settings and data, ultimately leading to XSS.This issue affects Olive One Click Demo Import: from n/a through 1.1.1. | ||||
| CVE-2024-27197 | 1 Wordpress | 1 Wordpress | 2026-04-28 | 7.1 High |
| Cross-Site Request Forgery (CSRF) vulnerability in Bee BeePress allows Stored XSS.This issue affects BeePress: from n/a through 6.9.8. | ||||
| CVE-2024-27190 | 1 Jeandaviddaviet | 1 Download Media | 2026-04-28 | 4.3 Medium |
| Missing Authorization vulnerability in Jean-David Daviet Download Media.This issue affects Download Media: from n/a through 1.4.2. | ||||
| CVE-2024-27192 | 2026-04-28 | 7.1 High | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Scott Reilly Configure SMTP allows Reflected XSS.This issue affects Configure SMTP: from n/a through 3.1. | ||||
| CVE-2024-27189 | 2 Catchsquare, Wordpress | 2 Wp Social Widget, Wordpress | 2026-04-28 | 6.5 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in catchsquare WP Social Widget allows Stored XSS.This issue affects WP Social Widget: from n/a through 2.2.5. | ||||
| CVE-2024-25925 | 1 Sysbasics | 1 Easy Checkout Field Editor | 2026-04-28 | 10 Critical |
| Unrestricted Upload of File with Dangerous Type vulnerability in SYSBASICS WooCommerce Easy Checkout Field Editor, Fees & Discounts.This issue affects WooCommerce Easy Checkout Field Editor, Fees & Discounts: from n/a through 3.5.12. | ||||
| CVE-2024-25936 | 2026-04-28 | 6.5 Medium | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in SoundCloud Inc., Lawrie Malen SoundCloud Shortcode allows Stored XSS.This issue affects SoundCloud Shortcode: from n/a through 4.0.1. | ||||
| CVE-2024-25934 | 1 Formfacade | 1 Formfacade | 2026-04-28 | 6.5 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in FormFacade allows Stored XSS.This issue affects FormFacade: from n/a through 1.0.0. | ||||
| CVE-2024-25931 | 1 Heureka | 1 Heureka | 2026-04-28 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in Heureka Group Heureka.This issue affects Heureka: from n/a through 1.0.8. | ||||
| CVE-2024-25930 | 1 Nuggethon | 1 Custom Order Status Manager For Woocommerce | 2026-04-28 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in Nuggethon Custom Order Statuses for WooCommerce.This issue affects Custom Order Statuses for WooCommerce: from n/a through 1.5.2. | ||||
| CVE-2024-25924 | 2026-04-28 | 7.6 High | ||
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Trustindex.Io WP Testimonials.This issue affects WP Testimonials: from n/a through 1.4.3. | ||||
| CVE-2024-25921 | 2026-04-28 | 7.1 High | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Concerted Action Action Network allows Reflected XSS.This issue affects Action Network: from n/a through 1.4.2. | ||||