Export limit exceeded: 75410 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (75410 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-50453 | 1 Webangon | 1 The Pack Elementor Addons | 2026-04-01 | 8.8 High |
| Relative Path Traversal vulnerability in webangon The Pack Elementor addons the-pack-addon allows PHP Local File Inclusion.This issue affects The Pack Elementor addons: from n/a through <= 2.0.9. | ||||
| CVE-2024-50442 | 1 Royal-elementor-addons | 1 Royal Elementor Addons | 2026-04-01 | 7.2 High |
| Improper Restriction of XML External Entity Reference vulnerability in WP Royal Royal Elementor Addons royal-elementor-addons allows XML Injection.This issue affects Royal Elementor Addons: from n/a through <= 1.3.980. | ||||
| CVE-2024-50436 | 1 Themehorse | 1 Clean Retina | 2026-04-01 | 8.8 High |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in themehorse Clean Retina clean-retina.This issue affects Clean Retina: from n/a through <= 3.0.6. | ||||
| CVE-2024-50435 | 1 Themehorse | 1 Meta News | 2026-04-01 | 8.8 High |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in themehorse Meta News meta-news.This issue affects Meta News: from n/a through <= 1.1.7. | ||||
| CVE-2024-50434 | 1 Themehorse | 1 Newscard | 2026-04-01 | 8.8 High |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in themehorse NewsCard newscard.This issue affects NewsCard: from n/a through <= 1.3. | ||||
| CVE-2024-50417 | 1 Bold-themes | 1 Bold Page Builder | 2026-04-01 | 8.8 High |
| Missing Authorization vulnerability in boldthemes Bold Page Builder bold-page-builder allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Bold Page Builder: from n/a through <= 5.1.3. | ||||
| CVE-2024-50416 | 1 Wpclever | 1 Wpc Shop As A Customer For Woocommerce | 2026-04-01 | 8.8 High |
| Deserialization of Untrusted Data vulnerability in WPClever WPC Shop as a Customer for WooCommerce wpc-shop-as-customer allows Object Injection.This issue affects WPC Shop as a Customer for WooCommerce: from n/a through <= 1.2.6. | ||||
| CVE-2024-50408 | 1 Kibokolabs | 1 Namaste\! Lms | 2026-04-01 | 8.8 High |
| Deserialization of Untrusted Data vulnerability in Bob Namaste! LMS namaste-lms allows Object Injection.This issue affects Namaste! LMS: from n/a through <= 2.6.3. | ||||
| CVE-2024-49701 | 1 Themehorse | 2 Interface, Mags | 2026-04-01 | 8.8 High |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in themehorse Mags mags.This issue affects Mags: from n/a through <= 1.1.6. | ||||
| CVE-2024-49690 | 1 Qodeinteractive | 1 Qi Blocks | 2026-04-01 | 8.8 High |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Qode Qi Blocks qi-blocks.This issue affects Qi Blocks: from n/a through <= 1.3.2. | ||||
| CVE-2024-49685 | 1 Smashballoon | 1 Custom Twitter Feeds | 2026-04-01 | 8.8 High |
| Cross-Site Request Forgery (CSRF) vulnerability in Syed Balkhi Custom Twitter Feeds (Tweets Widget) custom-twitter-feeds allows Cross Site Request Forgery.This issue affects Custom Twitter Feeds (Tweets Widget): from n/a through <= 2.2.3. | ||||
| CVE-2024-49675 | 1 Vitaliibryl | 1 Switch User | 2026-04-01 | 8.8 High |
| Authentication Bypass Using an Alternate Path or Channel vulnerability in Vitalii iBryl Switch User ibryl-switch-user allows Authentication Bypass.This issue affects iBryl Switch User: from n/a through <= 1.0.1. | ||||
| CVE-2024-49628 | 1 Whiletrue | 1 Most And Least Read Posts Widget | 2026-04-01 | 8.8 High |
| Cross-Site Request Forgery (CSRF) vulnerability in whiletrue Most And Least Read Posts Widget most-and-least-read-posts-widget allows Cross Site Request Forgery.This issue affects Most And Least Read Posts Widget: from n/a through <= 2.5.18. | ||||
| CVE-2024-49623 | 1 Hasanmovahed | 1 Duplicate Title Validate | 2026-04-01 | 8.8 High |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in hasan movahed Duplicate Title Validate duplicate-title-validate allows Blind SQL Injection.This issue affects Duplicate Title Validate: from n/a through <= 1.0. | ||||
| CVE-2024-49622 | 1 Apa | 1 Apa Banner Slider | 2026-04-01 | 8.8 High |
| Cross-Site Request Forgery (CSRF) vulnerability in aatmaadhikari Apa Banner Slider apa-banner-slider allows SQL Injection.This issue affects Apa Banner Slider: from n/a through <= 1.0.0. | ||||
| CVE-2024-49621 | 1 Apa | 1 Apa Register Newsletter Form | 2026-04-01 | 8.8 High |
| Cross-Site Request Forgery (CSRF) vulnerability in aatmaadhikari APA Register Newsletter Form apa-register-newsletter-form allows SQL Injection.This issue affects APA Register Newsletter Form: from n/a through <= 1.0.0. | ||||
| CVE-2024-49620 | 1 Naudinvladimir | 1 Ferma.ru.net | 2026-04-01 | 8.8 High |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in mrcheck116 FERMA.ru.net ferma-ru-net-checkout allows Blind SQL Injection.This issue affects FERMA.ru.net: from n/a through <= 1.3.3. | ||||
| CVE-2024-49619 | 1 Acespritech | 1 Social Link Groups | 2026-04-01 | 8.8 High |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in acespritech Social Link Groups social-link-groups allows Blind SQL Injection.This issue affects Social Link Groups: from n/a through <= 1.1.0. | ||||
| CVE-2024-49618 | 1 Jordanlyall | 1 Mytweetlinks | 2026-04-01 | 8.8 High |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Jordan Lyall MyTweetLinks mytweetlinks allows Blind SQL Injection.This issue affects MyTweetLinks: from n/a through <= 1.1.1. | ||||
| CVE-2024-49617 | 1 Bhaskardhote | 1 Back Link Tracker | 2026-04-01 | 8.8 High |
| Cross-Site Request Forgery (CSRF) vulnerability in anciwasim Back Link Tracker back-link-tracker allows Blind SQL Injection.This issue affects Back Link Tracker: from n/a through <= 1.0.0. | ||||