Export limit exceeded: 346329 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 29902 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (11887 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-56016 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in maartenhemmes Image Mapper image-mapper allows Reflected XSS.This issue affects Image Mapper: from n/a through <= 0.2.5.3. | ||||
| CVE-2024-56015 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 7.1 High |
| Cross-Site Request Forgery (CSRF) vulnerability in John Godley Tidy Up tidy-up allows Reflected XSS.This issue affects Tidy Up: from n/a through <= 1.3. | ||||
| CVE-2024-56014 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Markyis Cool Olivia olivia allows Reflected XSS.This issue affects Olivia: from n/a through <= 0.9.5. | ||||
| CVE-2024-56013 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 8.8 High |
| Authentication Bypass Using an Alternate Path or Channel vulnerability in wovax Wovax IDX wovax-idx allows Authentication Bypass.This issue affects Wovax IDX: from n/a through <= 1.2.2. | ||||
| CVE-2024-56012 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 9.8 Critical |
| Cross-Site Request Forgery (CSRF) vulnerability in lizeipe Flash News / Post (Responsive) flashnews-fading-effect-pearlbells allows Privilege Escalation.This issue affects Flash News / Post (Responsive): from n/a through <= 4.1. | ||||
| CVE-2024-56011 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 6.5 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Ilja Zaglov Responsive Google Maps | by imbaa responsive-google-maps allows Stored XSS.This issue affects Responsive Google Maps | by imbaa: from n/a through <= 1.2.5. | ||||
| CVE-2024-56010 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Pierre Lannoy Device Detector device-detector allows Reflected XSS.This issue affects Device Detector: from n/a through <= 4.2.0. | ||||
| CVE-2024-56007 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 4.3 Medium |
| Missing Authorization vulnerability in leader codes Leader leader allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Leader: from n/a through <= 2.6.1. | ||||
| CVE-2024-56005 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 6.5 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in Posti Posti Shipping posti-shipping allows Cross Site Request Forgery.This issue affects Posti Shipping: from n/a through <= 3.10.3. | ||||
| CVE-2024-56004 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 5.4 Medium |
| Missing Authorization vulnerability in awfowler Easy Site Importer easy-site-importer allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Easy Site Importer: from n/a through <= 1.0.1. | ||||
| CVE-2024-56001 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 6.5 Medium |
| Missing Authorization vulnerability in ksher thailand Ksher ksher-payment allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Ksher: from n/a through <= 1.1.1. | ||||
| CVE-2024-55997 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 6.5 Medium |
| Missing Authorization vulnerability in webchunky Order Delivery & Pickup Location Date Time order-delivery-pickup-location-date-time-free-version allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Order Delivery & Pickup Location Date Time: from n/a through <= 1.1.0. | ||||
| CVE-2024-55991 | 2 Wordpress, Wp-crm | 2 Wordpress, Wp-crm System | 2026-04-23 | 6.5 Medium |
| Missing Authorization vulnerability in Mario Peshev WP-CRM System wp-crm-system allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP-CRM System: from n/a through <= 3.2.9.1. | ||||
| CVE-2024-55990 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 7.6 High |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in tsjippy Mollie for Contact Form 7 cf7-mollie allows Blind SQL Injection.This issue affects Mollie for Contact Form 7: from n/a through <= 5.0.0. | ||||
| CVE-2024-55989 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 7.6 High |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Kyle M Brown WP Simple Pay Lite Manager stripe-manager allows SQL Injection.This issue affects WP Simple Pay Lite Manager: from n/a through <= 1.4. | ||||
| CVE-2024-55988 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 9.3 Critical |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Amol Nirmala Waman Navayan CSV Export navayan-csv-export allows Blind SQL Injection.This issue affects Navayan CSV Export: from n/a through <= 1.0.9. | ||||
| CVE-2024-55986 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 8.5 High |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in tiny13 Service service allows Blind SQL Injection.This issue affects Service: from n/a through <= 1.0.4. | ||||
| CVE-2024-55985 | 2 Wordpress, Ydesignservices | 2 Wordpress, Yds Support Ticket System | 2026-04-23 | 8.5 High |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Ydesignservices YDS Support Ticket System yds-support-ticket-system allows SQL Injection.This issue affects YDS Support Ticket System: from n/a through <= 1.0. | ||||
| CVE-2024-55984 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 8.5 High |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in susheelhbti Saksh Escrow System saksh-escrow-system allows SQL Injection.This issue affects Saksh Escrow System: from n/a through <= 2.4. | ||||
| CVE-2024-55983 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 8.5 High |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in PowerFormBuilder PowerFormBuilder power-forms-builder allows SQL Injection.This issue affects PowerFormBuilder: from n/a through <= 1.0.6. | ||||