Export limit exceeded: 11973 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (11973 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-54246 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 6.5 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Think201 FAQs faqs allows Stored XSS.This issue affects FAQs: from n/a through <= 1.0.2. | ||||
| CVE-2024-54245 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 6.5 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Think201 Clients clients allows Stored XSS.This issue affects Clients: from n/a through <= 1.1.4. | ||||
| CVE-2024-54244 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 6.5 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Think201 Easy Replace easy-replace allows Stored XSS.This issue affects Easy Replace: from n/a through <= 1.3. | ||||
| CVE-2024-54243 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 6.5 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Think201 Echoza echoza allows Stored XSS.This issue affects Echoza: from n/a through <= 0.1.1. | ||||
| CVE-2024-54242 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 6.5 Medium |
| Missing Authorization vulnerability in appsbd Simple Notification simple-notification allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Simple Notification: from n/a through <= 1.3. | ||||
| CVE-2024-54239 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 9.8 Critical |
| Missing Authorization vulnerability in dugudlabs Eyewear prescription form eyewear-prescription-form allows Privilege Escalation.This issue affects Eyewear prescription form: from n/a through <= 4.0.18. | ||||
| CVE-2024-54237 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Anzar Ahmed Ni CRM Lead ni-crm-lead allows Reflected XSS.This issue affects Ni CRM Lead: from n/a through <= 1.3.0. | ||||
| CVE-2024-54234 | 2 Wordpress, Wp-buy | 2 Wordpress, Limit Login Attempts | 2026-04-23 | 9.3 Critical |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in wp-buy Limit Login Attempts wp-limit-failed-login-attempts allows SQL Injection.This issue affects Limit Login Attempts: from n/a through <= 5.5. | ||||
| CVE-2024-54226 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 7.1 High |
| Cross-Site Request Forgery (CSRF) vulnerability in karlkiesinger Country Blocker country-blocker allows Stored XSS.This issue affects Country Blocker: from n/a through <= 3.2. | ||||
| CVE-2024-54220 | 2 Roninwp, Wordpress | 2 Fat Services Booking, Wordpress | 2026-04-23 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in roninwp FAT Services Booking fat-services-booking allows Stored XSS.This issue affects FAT Services Booking: from n/a through <= 5.6. | ||||
| CVE-2024-54219 | 2 Thehp, Wordpress | 2 Aio Contact, Wordpress | 2026-04-23 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in thehp AIO Contact aio-contact.This issue affects AIO Contact: from n/a through <= 2.8.1. | ||||
| CVE-2024-54209 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPFactory Awesome Shortcodes awesome-shortcodes allows Reflected XSS.This issue affects Awesome Shortcodes: from n/a through <= 1.7.2. | ||||
| CVE-2024-54208 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Joni Halabi Block Controller block-controller allows Reflected XSS.This issue affects Block Controller: from n/a through <= 1.4.3. | ||||
| CVE-2024-54205 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 7.1 High |
| Cross-Site Request Forgery (CSRF) vulnerability in Paloma Paloma Widget postman-widget allows Cross Site Request Forgery.This issue affects Paloma Widget: from n/a through <= 1.14. | ||||
| CVE-2024-53812 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Jacques Malgrange WP GeoNames wp-geonames allows Reflected XSS.This issue affects WP GeoNames: from n/a through <= 1.8. | ||||
| CVE-2024-53811 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 6.6 Medium |
| Unrestricted Upload of File with Dangerous Type vulnerability in POSIMYTH WDesignkit wdesignkit allows Upload a Web Shell to a Web Server.This issue affects WDesignkit: from n/a through <= 1.0.40. | ||||
| CVE-2024-53806 | 2 Wordpress, Wpmaspik | 2 Wordpress, Maspik | 2026-04-23 | 5.4 Medium |
| Missing Authorization vulnerability in yonifre Maspik – Spam blacklist contact-forms-anti-spam allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Maspik – Spam blacklist: from n/a through <= 2.2.7. | ||||
| CVE-2024-53798 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 5.4 Medium |
| Missing Authorization vulnerability in BAKKBONE Australia FloristPress bakkbone-florist-companion.This issue affects FloristPress: from n/a through <= 7.3.0. | ||||
| CVE-2024-53794 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 6.5 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Ryo Arkhe Blocks arkhe-blocks allows Stored XSS.This issue affects Arkhe Blocks: from n/a through <= 2.27.0. | ||||
| CVE-2024-53793 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 8.2 High |
| Cross-Site Request Forgery (CSRF) vulnerability in jerodmoore eDoc Easy Tables edoc-easy-tables allows Blind SQL Injection.This issue affects eDoc Easy Tables: from n/a through <= 1.29. | ||||