Export limit exceeded: 347095 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (347095 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-43956 | 1 Caseproof | 1 Memberpress | 2026-04-28 | 6.5 Medium |
| Missing Authorization vulnerability in Caseproof, LLC Memberpress allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Memberpress: from n/a through 1.11.34. | ||||
| CVE-2024-43955 | 1 Themeum | 1 Droip | 2026-04-28 | 10 Critical |
| Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Themeum Droip allows File Manipulation.This issue affects Droip: from n/a through 1.1.1. | ||||
| CVE-2024-43954 | 1 Themeum | 1 Droip | 2026-04-28 | 6.3 Medium |
| Incorrect Authorization vulnerability in Themeum Droip allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Droip: from n/a through 1.1.1. | ||||
| CVE-2024-43333 | 2026-04-28 | 7.5 High | ||
| Incorrect Privilege Assignment vulnerability in NotFound Admin and Site Enhancements (ASE) Pro allows Privilege Escalation. This issue affects Admin and Site Enhancements (ASE) Pro: from n/a through 7.6.2.1. | ||||
| CVE-2024-38764 | 2026-04-28 | 4.3 Medium | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Marsian allows Cross Site Request Forgery.This issue affects i-transform: from n/a through 3.0.9. | ||||
| CVE-2024-38732 | 1 Wordpress | 1 Wordpress | 2026-04-28 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in VolThemes Patricia Blog allows Cross Site Request Forgery.This issue affects Patricia Blog: from n/a through 1.2. | ||||
| CVE-2024-38731 | 1 Wordpress | 1 Wordpress | 2026-04-28 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in Marsian i-amaze allows Cross Site Request Forgery.This issue affects i-amaze: from n/a through 1.3.7. | ||||
| CVE-2024-37931 | 1 Wordpress | 1 Wordpress | 2026-04-28 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in Creativthemes Point allows Cross Site Request Forgery.This issue affects Point: from n/a through 1.1. | ||||
| CVE-2024-37929 | 1 Wordpress | 1 Wordpress | 2026-04-28 | 6.3 Medium |
| Missing Authorization vulnerability in solwin User Activity Log Pro allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects User Activity Log Pro: from n/a through 2.3.4. | ||||
| CVE-2024-37925 | 2026-04-28 | 5.4 Medium | ||
| Cross-Site Request Forgery (CSRF) vulnerability in BUDDYBOSS LLC BuddyBoss Theme allows Cross Site Request Forgery.This issue affects BuddyBoss Theme: from n/a through 2.4.61. | ||||
| CVE-2024-37560 | 1 Iqbalrony | 1 Wp User Switch | 2026-04-28 | 8 High |
| Improper Privilege Management vulnerability in IqbalRony WP User Switch allows Privilege Escalation.This issue affects WP User Switch: from n/a through 1.1.0. | ||||
| CVE-2024-37452 | 1 Wordpress | 1 Wordpress | 2026-04-28 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in MyThemeShop Schema Lite allows Cross Site Request Forgery.This issue affects Schema Lite: from n/a through 1.2.2. | ||||
| CVE-2024-37449 | 1 Themepunch | 1 Slider Revolution | 2026-04-28 | 5.9 Medium |
| Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in ThemePunch OHG Slider Revolution.This issue affects Slider Revolution: from n/a through 6.7.13. | ||||
| CVE-2024-37438 | 2026-04-28 | 5.4 Medium | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Uncanny Owl Uncanny Toolkit Pro for LearnDash allows Cross Site Request Forgery.This issue affects Uncanny Toolkit Pro for LearnDash: from n/a before 4.1.4.1. | ||||
| CVE-2024-37270 | 1 Trustedlogin | 1 Trustedlogin | 2026-04-28 | 5.3 Medium |
| Insertion of Sensitive Information into Log File vulnerability in TrustedLogin TrustedLogin Vendor.This issue affects TrustedLogin Vendor: from n/a before 1.1.1. | ||||
| CVE-2024-37241 | 2026-04-28 | 4.3 Medium | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Automattic WP Job Manager - Resume Manager allows Cross Site Request Forgery.This issue affects WP Job Manager - Resume Manager: from n/a through 2.1.0. | ||||
| CVE-2024-35769 | 1 Slideshow Se Project | 1 Slideshow Se | 2026-04-28 | 5.9 Medium |
| Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in John West Slideshow SE allows Stored XSS.This issue affects Slideshow SE: from n/a through 2.5.17. | ||||
| CVE-2024-34570 | 1 Wpxpro | 1 Xpro Addons For Elementor | 2026-04-28 | 5.9 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Xpro Xpro Elementor Addons allows Stored XSS.This issue affects Xpro Elementor Addons: from n/a through 1.4.3. | ||||
| CVE-2024-34445 | 1 Sktthemes | 1 Skt Addons For Elementor | 2026-04-28 | 6.5 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in SKT Themes SKT Addons for Elementor allows Stored XSS.This issue affects SKT Addons for Elementor: from n/a through 1.8. | ||||
| CVE-2024-34444 | 1 Themepunch | 1 Slider Revolution | 2026-04-28 | 7.1 High |
| Missing Authorization vulnerability in ThemePunch OHG Slider Revolution.This issue affects Slider Revolution: from n/a before 6.7.0. | ||||