Export limit exceeded: 338787 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 338787 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (338787 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-49682 | 1 Simple-membership-plugin | 1 Simple Membership | 2026-04-01 | 6.1 Medium |
| URL Redirection to Untrusted Site ('Open Redirect') vulnerability in wp.insider Simple Membership simple-membership allows Phishing.This issue affects Simple Membership: from n/a through <= 4.5.3. | ||||
| CVE-2024-49681 | 1 Swit | 1 Wp Sessions Time Monitoring Full Automatic | 2026-04-01 | N/A |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in activity-log.com WP Sessions Time Monitoring Full Automatic activitytime allows SQL Injection.This issue affects WP Sessions Time Monitoring Full Automatic: from n/a through <= 1.0.9. | ||||
| CVE-2024-49680 | 2 Rextheme, Wordpress | 2 Wp Vr, Wordpress | 2026-04-01 | N/A |
| Missing Authorization vulnerability in RexTheme WP VR wpvr allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP VR: from n/a through <= 8.5.5. | ||||
| CVE-2024-49679 | 1 Wpkoi | 1 Wpkoi Templates For Elementor | 2026-04-01 | 5.4 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in wpkoithemes WPKoi Templates for Elementor wpkoi-templates-for-elementor allows Stored XSS.This issue affects WPKoi Templates for Elementor: from n/a through <= 3.1.0. | ||||
| CVE-2024-49677 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in David Cramer Bootstrap Buttons bootstrap-buttons allows Reflected XSS.This issue affects Bootstrap Buttons: from n/a through <= 1.2. | ||||
| CVE-2024-49676 | 2026-04-01 | N/A | ||
| Unrestricted Upload of File with Dangerous Type vulnerability in Michael Bourne Custom Icons for Elementor custom-icons-for-elementor allows Upload a Web Shell to a Web Server.This issue affects Custom Icons for Elementor: from n/a through <= 0.3.3. | ||||
| CVE-2024-49675 | 1 Vitaliibryl | 1 Switch User | 2026-04-01 | 8.8 High |
| Authentication Bypass Using an Alternate Path or Channel vulnerability in Vitalii iBryl Switch User ibryl-switch-user allows Authentication Bypass.This issue affects iBryl Switch User: from n/a through <= 1.0.1. | ||||
| CVE-2024-49674 | 1 Lukas Huser | 1 Ekc Tournament Manager | 2026-04-01 | N/A |
| Cross-Site Request Forgery (CSRF) vulnerability in lukashuser EKC Tournament Manager ekc-tournament-manager allows Upload a Web Shell to a Web Server.This issue affects EKC Tournament Manager: from n/a through <= 2.2.1. | ||||
| CVE-2024-49673 | 1 Latex2html | 1 Latex2html | 2026-04-01 | 6.1 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Van Abel LaTeX2HTML latex2html allows Reflected XSS.This issue affects LaTeX2HTML: from n/a through <= 2.5.4. | ||||
| CVE-2024-49672 | 1 Gief | 1 Google Docs Rsvp | 2026-04-01 | 6.1 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in giffordcheung Google Docs RSVP google-docs-rsvp-guestlist allows Stored XSS.This issue affects Google Docs RSVP: from n/a through <= 2.0.1. | ||||
| CVE-2024-49670 | 1 Samglover | 1 Client Power Tools | 2026-04-01 | 6.1 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Sam Glover Client Power Tools Portal client-power-tools allows Reflected XSS.This issue affects Client Power Tools Portal: from n/a through <= 1.9.0. | ||||
| CVE-2024-49669 | 1 Alexander De Ridder | 1 Ink Official | 2026-04-01 | N/A |
| Unrestricted Upload of File with Dangerous Type vulnerability in Alexander De Ridder INK Official ink-official allows Upload a Web Shell to a Web Server.This issue affects INK Official: from n/a through <= 4.1.2. | ||||
| CVE-2024-49668 | 1 Admin | 1 Verbalize | 2026-04-01 | N/A |
| Unrestricted Upload of File with Dangerous Type vulnerability in christopherdewese1099 Verbalize WP verbalize-wp allows Upload a Web Shell to a Web Server.This issue affects Verbalize WP: from n/a through <= 1.0. | ||||
| CVE-2024-49667 | 1 Nervythemes | 1 Local Business Addons For Elementor | 2026-04-01 | 5.4 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Asaduzzaman Abir Local Business Addons For Elementor map-addons-for-elementor-waze-map allows Stored XSS.This issue affects Local Business Addons For Elementor: from n/a through <= 1.1.5. | ||||
| CVE-2024-49666 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in reputeinfosystems ARPrice arprice allows SQL Injection.This issue affects ARPrice: from n/a through <= 4.1.3. | ||||
| CVE-2024-49664 | 1 Chatplus | 1 Chatplusjp | 2026-04-01 | 6.1 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in chatplusjp chatplusjp chatplusjp allows Reflected XSS.This issue affects chatplusjp: from n/a through <= 1.02. | ||||
| CVE-2024-49663 | 1 Elenazhyvohliad | 1 Ucat | 2026-04-01 | 6.1 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in elenkadark uCAT – Next Story ucat-next-story allows Reflected XSS.This issue affects uCAT – Next Story: from n/a through <= 2.0.0. | ||||
| CVE-2024-49662 | 1 Webgensis | 1 Simple Load More | 2026-04-01 | 6.1 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Webgensis Simple Load More simple-load-more allows Reflected XSS.This issue affects Simple Load More: from n/a through <= 1.0. | ||||
| CVE-2024-49661 | 1 Leenk | 1 Leenk.me | 2026-04-01 | 6.1 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Lew Ayotte leenk.me leenkme allows Reflected XSS.This issue affects leenk.me: from n/a through <= 2.16.0. | ||||
| CVE-2024-49660 | 1 Campusexplorer | 1 Widget | 2026-04-01 | 6.1 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in CampusExplorer Campus Explorer Widget campus-explorer-widget allows Reflected XSS.This issue affects Campus Explorer Widget: from n/a through <= 1.4. | ||||