Export limit exceeded: 347380 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 347380 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (347380 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-49226 | 1 Taketin | 1 Taketin To Wp Membership | 2026-04-29 | 8.8 High |
| Deserialization of Untrusted Data vulnerability in taketin TAKETIN To WP Membership taketin-to-wp-membership allows Object Injection.This issue affects TAKETIN To WP Membership: from n/a through <= 2.8.17. | ||||
| CVE-2024-49240 | 1 Agustinberasategui | 1 Ab Categories Search Widget | 2026-04-29 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ajberasategui AB Categories Search Widget ab-categories-search-widget allows Reflected XSS.This issue affects AB Categories Search Widget : from n/a through <= 0.2.5. | ||||
| CVE-2024-43234 | 1 Xtendify | 1 Woffice | 2026-04-29 | 9.8 Critical |
| Authentication Bypass Using an Alternate Path or Channel vulnerability in WofficeIO Woffice woffice allows Authentication Bypass.This issue affects Woffice: from n/a through <= 5.4.14. | ||||
| CVE-2024-49230 | 1 Harpreetsingh | 1 Ajax Custom Css\/js | 2026-04-29 | 6.5 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in harry005 Ajax Custom CSS/JS ajax-awesome-css allows Reflected XSS.This issue affects Ajax Custom CSS/JS: from n/a through <= 2.0.4. | ||||
| CVE-2024-49224 | 1 Maheshpatel | 1 Mitm Bug Tracker | 2026-04-29 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in mahesh_9696 Mitm Bug Tracker mitm-bug-tracker allows Reflected XSS.This issue affects Mitm Bug Tracker: from n/a through <= 1.0. | ||||
| CVE-2024-49235 | 1 Videowhisper | 1 Contact Forms Live Support Crm Video Messages Plugin | 2026-04-29 | 7.5 High |
| Insertion of Sensitive Information Into Sent Data vulnerability in videowhisper Contact Forms, Live Support, CRM, Video Messages live-support-tickets allows Retrieve Embedded Sensitive Data.This issue affects Contact Forms, Live Support, CRM, Video Messages: from n/a through <= 1.10.2. | ||||
| CVE-2024-49221 | 1 Julianweinert | 1 Cslider | 2026-04-29 | 7.1 High |
| Cross-Site Request Forgery (CSRF) vulnerability in julian.weinert cSlider cslider allows Cross Site Request Forgery.This issue affects cSlider: from n/a through <= 2.4.2. | ||||
| CVE-2024-49218 | 1 Recently Project | 1 Recently | 2026-04-29 | 9.8 Critical |
| Deserialization of Untrusted Data vulnerability in Al Imran Akash Recently recently-viewed-most-viewed-and-sold-products-for-woocommerce allows Object Injection.This issue affects Recently: from n/a through <= 1.1. | ||||
| CVE-2024-49216 | 1 Joshua Clayton | 1 Feed Comments Number | 2026-04-29 | 10 Critical |
| Unrestricted Upload of File with Dangerous Type vulnerability in jclay06 Feed Comments Number feed-comments-number allows Upload a Web Shell to a Web Server.This issue affects Feed Comments Number: from n/a through <= 0.2.1. | ||||
| CVE-2024-49223 | 1 Shibulijack | 1 Cj Change Howdy | 2026-04-29 | 7.1 High |
| Cross-Site Request Forgery (CSRF) vulnerability in shibulijack CJ Change Howdy cj-change-howdy allows Cross Site Request Forgery.This issue affects CJ Change Howdy: from n/a through <= 3.3.1. | ||||
| CVE-2024-49220 | 1 Cookie-scanner | 1 Cookie Scanner | 2026-04-29 | 7.1 High |
| Cross-Site Request Forgery (CSRF) vulnerability in Nikel Cookie Scanner cookie-scanner allows Cross Site Request Forgery.This issue affects Cookie Scanner: from n/a through <= 1.1. | ||||
| CVE-2024-43242 | 2 Azzaroco, Wpindeed | 2 Ultimate Membership Pro, Ultimate Membership Pro | 2026-04-29 | 9 Critical |
| Deserialization of Untrusted Data vulnerability in azzaroco Ultimate Membership Pro indeed-membership-pro.This issue affects Ultimate Membership Pro: from n/a through <= 12.7. | ||||
| CVE-2024-43354 | 1 Mycred | 1 Mycred | 2026-04-29 | 9.8 Critical |
| Deserialization of Untrusted Data vulnerability in Saad Iqbal myCred mycred.This issue affects myCred: from n/a through <= 2.7.2. | ||||
| CVE-2024-37927 | 2 Nootheme, Wordpress | 2 Jobmonster, Wordpress | 2026-04-29 | 9.8 Critical |
| Incorrect Privilege Assignment vulnerability in NooTheme Jobmonster noo-jobmonster allows Privilege Escalation.This issue affects Jobmonster: from n/a through <= 4.7.5. | ||||
| CVE-2024-29135 | 1 Themefic | 1 Tourfic | 2026-04-29 | 9.9 Critical |
| Unrestricted Upload of File with Dangerous Type vulnerability in Themefic Tourfic tourfic.This issue affects Tourfic: from n/a through <= 2.11.15. | ||||
| CVE-2024-37469 | 1 Creativethemes | 1 Blocksy | 2026-04-29 | 5.4 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in creativethemeshq Blocksy blocksy allows Cross Site Request Forgery.This issue affects Blocksy: from n/a through <= 2.0.22. | ||||
| CVE-2024-21746 | 1 Wpmet | 1 Wp Ultimate Review | 2026-04-29 | 5.3 Medium |
| Authentication Bypass by Spoofing vulnerability in Roxnor Wp Ultimate Review wp-ultimate-review allows Identity Spoofing.This issue affects Wp Ultimate Review: from n/a through <= 2.3.6. | ||||
| CVE-2023-49158 | 2026-04-29 | 7.1 High | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Binh Nguyen LadiApp ladipage allows Stored XSS.This issue affects LadiApp: from n/a through <= 4.4. | ||||
| CVE-2023-51360 | 1 Wpdeveloper | 1 Essential Blocks | 2026-04-29 | 6.5 Medium |
| Missing Authorization vulnerability in WPDeveloper Essential Blocks for Gutenberg essential-blocks allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Essential Blocks for Gutenberg: from n/a through <= 4.2.0. | ||||
| CVE-2023-49859 | 1 Wordpress | 1 Wordpress | 2026-04-29 | 4.3 Medium |
| Missing Authorization vulnerability in Marcus (aka @msykes) Login With Ajax login-with-ajax allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Login With Ajax: from n/a through <= 4.1. | ||||