Export limit exceeded: 338718 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (338718 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-49227 | 1 Innovawebspzoo | 1 Free Stock Photos Foter | 2026-04-01 | N/A |
| Deserialization of Untrusted Data vulnerability in foter Free Stock Photos Foter free-stock-photos-foter allows Object Injection.This issue affects Free Stock Photos Foter: from n/a through <= 1.5.4. | ||||
| CVE-2024-49226 | 1 Taketin | 1 Taketin To Wp Membership | 2026-04-01 | N/A |
| Deserialization of Untrusted Data vulnerability in taketin TAKETIN To WP Membership taketin-to-wp-membership allows Object Injection.This issue affects TAKETIN To WP Membership: from n/a through <= 2.8.17. | ||||
| CVE-2024-49225 | 1 Swebdeveloper | 1 Wppricing Builder | 2026-04-01 | 5.4 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in swebdeveloper wpPricing Builder wppricing-builder-lite-responsive-pricing-table-builder allows Stored XSS.This issue affects wpPricing Builder: from n/a through <= 1.5.0. | ||||
| CVE-2024-49224 | 1 Maheshpatel | 1 Mitm Bug Tracker | 2026-04-01 | 6.1 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in mahesh_9696 Mitm Bug Tracker mitm-bug-tracker allows Reflected XSS.This issue affects Mitm Bug Tracker: from n/a through <= 1.0. | ||||
| CVE-2024-49223 | 1 Shibulijack | 1 Cj Change Howdy | 2026-04-01 | 6.1 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in shibulijack CJ Change Howdy cj-change-howdy allows Cross Site Request Forgery.This issue affects CJ Change Howdy: from n/a through <= 3.3.1. | ||||
| CVE-2024-49222 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Deserialization of Untrusted Data vulnerability in AmentoTech Private Limited WPGuppy wpguppy-lite allows Object Injection.This issue affects WPGuppy: from n/a through <= 1.1.0. | ||||
| CVE-2024-49221 | 1 Julianweinert | 1 Cslider | 2026-04-01 | 6.1 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in julian.weinert cSlider cslider allows Cross Site Request Forgery.This issue affects cSlider: from n/a through <= 2.4.2. | ||||
| CVE-2024-49220 | 1 Cookie-scanner | 1 Cookie Scanner | 2026-04-01 | 6.1 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in Nikel Cookie Scanner cookie-scanner allows Cross Site Request Forgery.This issue affects Cookie Scanner: from n/a through <= 1.1. | ||||
| CVE-2024-49219 | 1 Themexpo | 1 Rs-members | 2026-04-01 | 8.8 High |
| Incorrect Privilege Assignment vulnerability in themexpo RS-Members rs-members allows Privilege Escalation.This issue affects RS-Members: from n/a through <= 1.0.3. | ||||
| CVE-2024-49218 | 1 Recently Project | 1 Recently | 2026-04-01 | N/A |
| Deserialization of Untrusted Data vulnerability in Al Imran Akash Recently recently-viewed-most-viewed-and-sold-products-for-woocommerce allows Object Injection.This issue affects Recently: from n/a through <= 1.1. | ||||
| CVE-2024-49217 | 2 Madiri Salman Aashish, Madirisalmanaashish | 2 User-drop-down-roles-in-registration, Adding Drop Down Roles In Registration | 2026-04-01 | 9.8 Critical |
| Incorrect Privilege Assignment vulnerability in madiriaashish Adding drop down roles in registration user-drop-down-roles-in-registration allows Privilege Escalation.This issue affects Adding drop down roles in registration: from n/a through <= 1.1. | ||||
| CVE-2024-49216 | 1 Joshua Clayton | 1 Feed Comments Number | 2026-04-01 | N/A |
| Unrestricted Upload of File with Dangerous Type vulnerability in jclay06 Feed Comments Number feed-comments-number allows Upload a Web Shell to a Web Server.This issue affects Feed Comments Number: from n/a through <= 0.2.1. | ||||
| CVE-2024-48049 | 1 Mightyplugins | 1 Mighty Builder | 2026-04-01 | 5.4 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Mighty Plugins Mighty Builder mighty-builder allows Stored XSS.This issue affects Mighty Builder: from n/a through <= 1.0.2. | ||||
| CVE-2024-48048 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Cross-Site Request Forgery (CSRF) vulnerability in GabbyKhrmon Wsify Widget wsify-widget allows Stored XSS.This issue affects Wsify Widget: from n/a through <= 1.0. | ||||
| CVE-2024-48047 | 2026-04-01 | N/A | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Razon Komar Pal Linked Variation for WooCommerce linked-variation-for-woocommerce allows Cross Site Request Forgery.This issue affects Linked Variation for WooCommerce: from n/a through <= 1.0.5. | ||||
| CVE-2024-48046 | 2026-04-01 | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in supsystic Contact Form by Supsystic contact-form-by-supsystic allows Stored XSS.This issue affects Contact Form by Supsystic: from n/a through <= 1.7.28. | ||||
| CVE-2024-48045 | 1 Leevio | 1 Happy Addons For Elementor | 2026-04-01 | 8.8 High |
| Missing Authorization vulnerability in HappyMonster Happy Addons for Elementor happy-elementor-addons allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Happy Addons for Elementor: from n/a through <= 3.12.3. | ||||
| CVE-2024-48044 | 1 Shortpixel | 1 Image Optimizer | 2026-04-01 | 8.8 High |
| Missing Authorization vulnerability in ShortPixel ShortPixel Image Optimizer shortpixel-image-optimiser allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects ShortPixel Image Optimizer: from n/a through <= 5.6.3. | ||||
| CVE-2024-48043 | 1 Shortpixel | 1 Shortpixel Image Optimizer | 2026-04-01 | N/A |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in ShortPixel ShortPixel Image Optimizer shortpixel-image-optimiser allows Blind SQL Injection.This issue affects ShortPixel Image Optimizer: from n/a through <= 5.6.3. | ||||
| CVE-2024-48042 | 1 Supsystic | 1 Contact Form | 2026-04-01 | N/A |
| Deserialization of Untrusted Data vulnerability in supsystic Contact Form by Supsystic contact-form-by-supsystic allows Command Injection.This issue affects Contact Form by Supsystic: from n/a through <= 1.7.28. | ||||