Export limit exceeded: 344184 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 344184 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (75457 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-31382 | 1 Creativethemes | 1 Blocksy | 2026-04-01 | 8.8 High |
| Cross-Site Request Forgery (CSRF) vulnerability in creativethemeshq Blocksy blocksy.This issue affects Blocksy: from n/a through <= 2.0.22. | ||||
| CVE-2024-31374 | 1 Apppresser | 1 Apppresser | 2026-04-01 | 8.8 High |
| Cross-Site Request Forgery (CSRF) vulnerability in Scott Bolinger AppPresser apppresser allows Cross Site Request Forgery.This issue affects AppPresser: from n/a through <= 4.3.0. | ||||
| CVE-2024-31359 | 1 Premmerce | 1 Premmerce Product Filter For Woocommerce | 2026-04-01 | 8.8 High |
| Missing Authorization vulnerability in Premmerce Premmerce Product Filter for WooCommerce premmerce-woocommerce-product-filter.This issue affects Premmerce Product Filter for WooCommerce: from n/a through <= 3.7.2. | ||||
| CVE-2024-31280 | 1 Church Admin Project | 1 Church Admin | 2026-04-01 | 8.8 High |
| Unrestricted Upload of File with Dangerous Type vulnerability in andy_moyle Church Admin church-admin.This issue affects Church Admin: from n/a through <= 4.1.5. | ||||
| CVE-2024-31246 | 1 Wpxpo | 1 Postx | 2026-04-01 | 8.8 High |
| Missing Authorization vulnerability in WPXPO PostX ultimate-post allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects PostX: from n/a through <= 3.2.3. | ||||
| CVE-2024-30488 | 1 Katieseaborn | 1 Zotpress | 2026-04-01 | 8.8 High |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Katie Zotpress zotpress.This issue affects Zotpress: from n/a through <= 7.3.7. | ||||
| CVE-2024-30244 | 2 Church Admin Project, Wordpress | 2 Church Admin, Wordpress | 2026-04-01 | 8.8 High |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in andy_moyle Church Admin church-admin.This issue affects Church Admin: from n/a through <= 4.0.27. | ||||
| CVE-2024-30238 | 1 Contest-gallery | 1 Contest Gallery | 2026-04-01 | 8.8 High |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Wasiliy Strecker / ContestGallery developer Contest Gallery contest-gallery.This issue affects Contest Gallery: from n/a through <= 21.3.2. | ||||
| CVE-2024-30229 | 2 Givewp, Wordpress | 2 Givewp, Wordpress | 2026-04-01 | 7.2 High |
| Deserialization of Untrusted Data vulnerability in StellarWP GiveWP give.This issue affects GiveWP: from n/a through <= 3.4.2. | ||||
| CVE-2024-29136 | 1 Themefic | 1 Tourfic | 2026-04-01 | 8.8 High |
| Deserialization of Untrusted Data vulnerability in Themefic Tourfic tourfic.This issue affects Tourfic: from n/a through <= 2.11.17. | ||||
| CVE-2024-29135 | 1 Themefic | 1 Tourfic | 2026-04-01 | 8.8 High |
| Unrestricted Upload of File with Dangerous Type vulnerability in Themefic Tourfic tourfic.This issue affects Tourfic: from n/a through <= 2.11.15. | ||||
| CVE-2024-27950 | 1 Sirv | 1 Sirv | 2026-04-01 | 8.8 High |
| Missing Authorization vulnerability in Sirv CDN and Image Hosting Sirv sirv.This issue affects Sirv: from n/a through <= 7.2.0. | ||||
| CVE-2024-25932 | 1 Youngtechleads | 1 Change Table Prefix | 2026-04-01 | 8.8 High |
| Cross-Site Request Forgery (CSRF) vulnerability in Manish Kumar Agarwal Change Table Prefix change-table-prefix allows Cross Site Request Forgery.This issue affects Change Table Prefix: from n/a through <= 2.0. | ||||
| CVE-2024-25918 | 1 Instawp | 1 Instawp Connect | 2026-04-01 | 8.8 High |
| Improper Control of Generation of Code ('Code Injection') vulnerability in InstaWP InstaWP Connect instawp-connect.This issue affects InstaWP Connect: from n/a through <= 0.1.0.8. | ||||
| CVE-2024-24833 | 1 Leevio | 1 Happy Addons For Elementor | 2026-04-01 | 8.8 High |
| Missing Authorization vulnerability in HappyMonster Happy Addons for Elementor happy-elementor-addons.This issue affects Happy Addons for Elementor: from n/a through <= 3.10.1. | ||||
| CVE-2024-23507 | 1 Instawp | 1 Instawp Connect | 2026-04-01 | 8.8 High |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in InstaWP InstaWP Connect instawp-connect.This issue affects InstaWP Connect: from n/a through <= 0.1.0.9. | ||||
| CVE-2024-22145 | 1 Instawp | 1 Instawp Connect | 2026-04-01 | 8.8 High |
| Incorrect Privilege Assignment vulnerability in InstaWP InstaWP Connect instawp-connect.This issue affects InstaWP Connect: from n/a through <= 0.1.0.8. | ||||
| CVE-2024-21746 | 1 Wpmet | 1 Wp Ultimate Review | 2026-04-01 | 7.5 High |
| Authentication Bypass by Spoofing vulnerability in Roxnor Wp Ultimate Review wp-ultimate-review allows Identity Spoofing.This issue affects Wp Ultimate Review: from n/a through <= 2.3.6. | ||||
| CVE-2024-1435 | 1 Tainacan | 1 Tainacan | 2026-04-01 | 7.5 High |
| Insertion of Sensitive Information Into Sent Data vulnerability in tainacan Tainacan tainacan.This issue affects Tainacan: from n/a through <= 0.20.6. | ||||
| CVE-2023-6080 | 2 Lakeside Software, Lakesidesoftware | 2 Systrack Lsiagent Installer, Systrack Lsiagent | 2026-04-01 | 7.8 High |
| Lakeside Software’s SysTrack LsiAgent Installer version 10.7.8 for Windows contains a local privilege escalation vulnerability which allows attackers SYSTEM level access. | ||||