Export limit exceeded: 344055 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 75408 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (75408 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-56052 | 2 Vibethemes, Wordpress | 2 Wordpress Learning Management System, Wordpress | 2026-04-01 | 8.8 High |
| Unrestricted Upload of File with Dangerous Type vulnerability in VibeThemes WPLMS wplms_plugin allows Upload a Web Shell to a Web Server.This issue affects WPLMS: from n/a through < 1.9.9.5.2. | ||||
| CVE-2024-56051 | 2 Vibethemes, Wordpress | 2 Wordpress Learning Management System, Wordpress | 2026-04-01 | 8.8 High |
| Improper Control of Generation of Code ('Code Injection') vulnerability in VibeThemes WPLMS wplms_plugin allows Code Injection.This issue affects WPLMS: from n/a through < 1.9.9.5. | ||||
| CVE-2024-56050 | 2 Vibethemes, Wordpress | 2 Wordpress Learning Management System, Wordpress | 2026-04-01 | 8.8 High |
| Unrestricted Upload of File with Dangerous Type vulnerability in VibeThemes WPLMS wplms_plugin allows Upload a Web Shell to a Web Server.This issue affects WPLMS: from n/a through < 1.9.9.5.3. | ||||
| CVE-2024-56047 | 2 Vibethemes, Wordpress | 2 Wordpress Learning Management System, Wordpress | 2026-04-01 | 8.8 High |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in VibeThemes WPLMS wplms_plugin allows SQL Injection.This issue affects WPLMS: from n/a through < 1.9.9.5.3. | ||||
| CVE-2024-54355 | 1 Wpmailster | 1 Wp Mailster | 2026-04-01 | 8.8 High |
| Cross-Site Request Forgery (CSRF) vulnerability in brandtoss WP Mailster wp-mailster allows Cross Site Request Forgery.This issue affects WP Mailster: from n/a through <= 1.8.17.0. | ||||
| CVE-2024-54268 | 1 Siteorigin | 1 Siteorigin Widgets Bundle | 2026-04-01 | 8.8 High |
| Missing Authorization vulnerability in Greg - SiteOrigin SiteOrigin Widgets Bundle so-widgets-bundle allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects SiteOrigin Widgets Bundle: from n/a through <= 1.64.0. | ||||
| CVE-2024-53825 | 1 Ninjateam | 1 Filebird | 2026-04-01 | 7.2 High |
| Missing Authorization vulnerability in Ninja Team Filebird filebird allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Filebird: from n/a through <= 6.3.2. | ||||
| CVE-2024-53816 | 1 Themeum | 1 Tutor Lms Elementor Addons | 2026-04-01 | 8.8 High |
| Missing Authorization vulnerability in Themeum Tutor LMS Elementor Addons tutor-lms-elementor-addons.This issue affects Tutor LMS Elementor Addons: from n/a through <= 2.1.5. | ||||
| CVE-2024-53808 | 1 Basixonline | 1 Nex-forms | 2026-04-01 | 7.2 High |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Basix NEX-Forms nex-forms-express-wp-form-builder allows SQL Injection.This issue affects NEX-Forms: from n/a through <= 8.7.8. | ||||
| CVE-2024-53804 | 2 Brandtoss, Wpmailster | 2 Wpmailster, Wp Mailster | 2026-04-01 | 7.5 High |
| Insertion of Sensitive Information Into Sent Data vulnerability in brandtoss WP Mailster wp-mailster allows Retrieve Embedded Sensitive Data.This issue affects WP Mailster: from n/a through <= 1.8.16.0. | ||||
| CVE-2024-53803 | 1 Wpmailster | 1 Wp Mailster | 2026-04-01 | 8.8 High |
| Missing Authorization vulnerability in brandtoss WP Mailster wp-mailster allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Mailster: from n/a through <= 1.8.16.0. | ||||
| CVE-2024-53800 | 1 Rezgo | 1 Rezgo Online Booking | 2026-04-01 | 8.1 High |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in rezgo Rezgo rezgo allows PHP Local File Inclusion.This issue affects Rezgo: from n/a through <= 4.17. | ||||
| CVE-2024-53792 | 1 Kibokolabs | 1 Watu Quiz | 2026-04-01 | 8.8 High |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Bob Watu Quiz watu allows SQL Injection.This issue affects Watu Quiz: from n/a through <= 3.4.1.2. | ||||
| CVE-2024-53751 | 1 Buildapp | 1 Build App Online | 2026-04-01 | 8.8 High |
| Cross-Site Request Forgery (CSRF) vulnerability in hakeemnala Build App Online build-app-online allows Cross Site Request Forgery.This issue affects Build App Online: from n/a through <= 1.0.23. | ||||
| CVE-2024-52481 | 1 Astoundify | 2 Jobify, Jobify Job Board Wordpress Theme | 2026-04-01 | 7.5 High |
| Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Astoundify Jobify jobify allows Relative Path Traversal.This issue affects Jobify: from n/a through < 4.3.0. | ||||
| CVE-2024-52479 | 1 Astoundify | 1 Jobify | 2026-04-01 | 8.8 High |
| Cross-Site Request Forgery (CSRF) vulnerability in Astoundify Jobify jobify allows Cross Site Request Forgery.This issue affects Jobify: from n/a through < 4.3.0. | ||||
| CVE-2024-52436 | 1 Wpexperts | 1 Post Smtp | 2026-04-01 | 7.2 High |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Saad Iqbal Post SMTP post-smtp allows Blind SQL Injection.This issue affects Post SMTP: from n/a through <= 2.9.9. | ||||
| CVE-2024-52435 | 1 Wpdownloadmanager | 1 Premium Packages - Sell Digital Products Securely | 2026-04-01 | 7.2 High |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Shahjada WPDM – Premium Packages wpdm-premium-packages.This issue affects WPDM – Premium Packages: from n/a through <= 6.0.5. | ||||
| CVE-2024-52429 | 2 Anton Hoelstad, Antonhoelstad | 2 Wp Quick Setup, Wp Quick Setup | 2026-04-01 | 8.8 High |
| Unrestricted Upload of File with Dangerous Type vulnerability in AntonHoelstad WP Quick Setup wp-quick-setup allows Upload a Web Shell to a Web Server.This issue affects WP Quick Setup: from n/a through <= 2.0. | ||||
| CVE-2024-52427 | 2 Saso Nikolov, Vollstart | 2 Event Tickets With Ticket Scanner, Event Tickets With Ticket Scanner | 2026-04-01 | 8.8 High |
| Deserialization of Untrusted Data vulnerability in Vollstart Event Tickets with Ticket Scanner event-tickets-with-ticket-scanner allows Server Side Include (SSI) Injection.This issue affects Event Tickets with Ticket Scanner: from n/a through <= 2.3.11. | ||||