Export limit exceeded: 351254 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 80847 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (80847 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-27968 | 1 Optimole | 1 Super Page Cache | 2026-04-28 | 7.1 High |
| Cross-Site Request Forgery (CSRF) vulnerability in Optimole Super Page Cache for Cloudflare allows Stored XSS.This issue affects Super Page Cache for Cloudflare: from n/a through 4.7.5. | ||||
| CVE-2024-27964 | 1 Gesundheit-bewegt | 1 Zippy | 2026-04-28 | 8.8 High |
| Unrestricted Upload of File with Dangerous Type vulnerability in Gesundheit Bewegt GmbH Zippy.This issue affects Zippy: from n/a through 1.6.9. | ||||
| CVE-2024-27961 | 1 Wordpress | 1 Wordpress | 2026-04-28 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Codekraft AntiSpam for Contact Form 7 allows Reflected XSS.This issue affects AntiSpam for Contact Form 7: from n/a through 0.6.0. | ||||
| CVE-2024-27962 | 1 Fkrauthan | 1 Wp-mpdf | 2026-04-28 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Florian 'fkrauthan' Krauthan allows Reflected XSS.This issue affects wp-mpdf: from n/a through 3.7.1. | ||||
| CVE-2024-27952 | 1 Wpcodeus | 1 Advanced Sermons | 2026-04-28 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WP Codeus Advanced Sermons allows Reflected XSS.This issue affects Advanced Sermons: from n/a through 3.2. | ||||
| CVE-2024-27955 | 2 Wordpress, Wp Automatic | 2 Wordpress, Automatic | 2026-04-28 | 8.8 High |
| Cross-Site Request Forgery (CSRF) vulnerability in WP Automatic Automatic allows Privilege Escalation.This issue affects Automatic: from n/a through 3.92.0. | ||||
| CVE-2024-2721 | 1 Sygnoos | 1 Social Media Share Buttons | 2026-04-28 | 8.2 High |
| Deserialization of Untrusted Data vulnerability in Social Media Share Buttons By Sygnoos Social Media Share Buttons.This issue affects Social Media Share Buttons: from n/a through 2.1.0. | ||||
| CVE-2024-27196 | 1 Jmash | 1 Postmash | 2026-04-28 | 7.1 High |
| Cross Site Scripting (XSS) vulnerability in Joel Starnes postMash – custom post order allows Reflected XSS.This issue affects postMash – custom post order: from n/a through 1.2.0. | ||||
| CVE-2024-2702 | 1 Olivethemes | 1 Olive One Click Demo Import | 2026-04-28 | 8.2 High |
| Missing Authorization vulnerability in Olive Themes Olive One Click Demo Import allows importing settings and data, ultimately leading to XSS.This issue affects Olive One Click Demo Import: from n/a through 1.1.1. | ||||
| CVE-2024-27197 | 1 Wordpress | 1 Wordpress | 2026-04-28 | 7.1 High |
| Cross-Site Request Forgery (CSRF) vulnerability in Bee BeePress allows Stored XSS.This issue affects BeePress: from n/a through 6.9.8. | ||||
| CVE-2024-27192 | 2026-04-28 | 7.1 High | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Scott Reilly Configure SMTP allows Reflected XSS.This issue affects Configure SMTP: from n/a through 3.1. | ||||
| CVE-2024-25924 | 2026-04-28 | 7.6 High | ||
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Trustindex.Io WP Testimonials.This issue affects WP Testimonials: from n/a through 1.4.3. | ||||
| CVE-2024-25921 | 2026-04-28 | 7.1 High | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Concerted Action Action Network allows Reflected XSS.This issue affects Action Network: from n/a through 1.4.2. | ||||
| CVE-2024-25926 | 1 Wordpress | 1 Wordpress | 2026-04-28 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in IndiaNIC Widgets Controller allows Reflected XSS.This issue affects Widgets Controller: from n/a through 1.1. | ||||
| CVE-2024-25917 | 1 Wordpress | 1 Wordpress | 2026-04-28 | 8.8 High |
| Exposure of Sensitive Information to an Unauthorized Actor vulnerability in CodeRevolution WP Setup Wizard.This issue affects WP Setup Wizard: from n/a through 1.0.8.1. | ||||
| CVE-2024-25911 | 2026-04-28 | 8.6 High | ||
| Missing Authorization vulnerability in Skymoon Labs MoveTo.This issue affects MoveTo: from n/a through 6.2. | ||||
| CVE-2024-25597 | 1 Etoilewebdesign | 1 Ultimate Reviews | 2026-04-28 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Etoile Web Design Ultimate Reviews allows Stored XSS.This issue affects Ultimate Reviews: from n/a through 3.2.8. | ||||
| CVE-2024-25093 | 1 Dev4press | 1 Gd Rating System | 2026-04-28 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Milan Petrovic GD Rating System allows Stored XSS.This issue affects GD Rating System: from n/a through 3.5. | ||||
| CVE-2024-24926 | 1 Unitedthemes | 2 Brooklyn, Brooklyn Creativie Multi Purpose Responsive Wordpress Theme | 2026-04-28 | 7.5 High |
| Deserialization of Untrusted Data vulnerability in UnitedThemes Brooklyn | Creative Multi-Purpose Responsive WordPress Theme.This issue affects Brooklyn | Creative Multi-Purpose Responsive WordPress Theme: from n/a through 4.9.7.6. | ||||
| CVE-2024-24932 | 1 Zixn | 1 Vk Poster Group | 2026-04-28 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Djo VK Poster Group allows Reflected XSS.This issue affects VK Poster Group: from n/a through 2.0.3. | ||||