Export limit exceeded: 346208 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 346208 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (346208 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-56301 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in enituretechnology Distance Based Shipping Calculator distance-based-shipping-calculator allows Reflected XSS.This issue affects Distance Based Shipping Calculator: from n/a through <= 2.0.21. | ||||
| CVE-2024-56300 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 7.5 High |
| Insertion of Sensitive Information Into Sent Data vulnerability in wpspin Post/Page Copying Tool postpage-import-export-with-custom-fields-taxonomies allows Retrieve Embedded Sensitive Data.This issue affects Post/Page Copying Tool: from n/a through <= 2.0.0. | ||||
| CVE-2024-56299 | 2026-04-23 | 7.1 High | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Pektsekye Notify Odoo notify-odoo allows Stored XSS.This issue affects Notify Odoo: from n/a through <= 1.0.0. | ||||
| CVE-2024-56298 | 2026-04-23 | 5.9 Medium | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Rob @ 5 Star Plugins Pretty Simple Popup Builder pretty-simple-popup-builder allows Stored XSS.This issue affects Pretty Simple Popup Builder: from n/a through <= 1.0.9. | ||||
| CVE-2024-56297 | 2026-04-23 | 5.9 Medium | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in QuantumCloud Highlight highlight allows Stored XSS.This issue affects Highlight: from n/a through <= 2.0.2. | ||||
| CVE-2024-56296 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Kitae Park Mang Board WP mangboard allows Reflected XSS.This issue affects Mang Board WP: from n/a through <= 1.8.4. | ||||
| CVE-2024-56295 | 1 Ays-pro | 1 Poll Maker | 2026-04-23 | 6.5 Medium |
| Missing Authorization vulnerability in Ays Pro Poll Maker poll-maker allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Poll Maker: from n/a through <= 5.5.6. | ||||
| CVE-2024-56294 | 2 Posimyth, Wordpress | 2 Nexter Blocks, Wordpress | 2026-04-23 | 6.4 Medium |
| Missing Authorization vulnerability in POSIMYTH Nexter Blocks the-plus-addons-for-block-editor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Nexter Blocks: from n/a through <= 4.0.7. | ||||
| CVE-2024-56293 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 5.9 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Nasir Ahmed Advanced Form Integration advanced-form-integration allows Stored XSS.This issue affects Advanced Form Integration: from n/a through <= 1.95.0. | ||||
| CVE-2024-56292 | 2026-04-23 | 5.9 Medium | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in wpdevelop Email Reminders email-reminders allows Stored XSS.This issue affects Email Reminders: from n/a through <= 2.0.5. | ||||
| CVE-2024-56291 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 8.1 High |
| Deserialization of Untrusted Data vulnerability in plainware PlainInventory z-inventory-manager allows Object Injection.This issue affects PlainInventory: from n/a through <= 3.1.6. | ||||
| CVE-2024-56290 | 2026-04-23 | 9.3 Critical | ||
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in silverplugins217 Multiple Shipping And Billing Address For Woocommerce different-shipping-and-billing-address-for-woocommerce allows SQL Injection.This issue affects Multiple Shipping And Billing Address For Woocommerce: from n/a through <= 1.2. | ||||
| CVE-2024-56289 | 2026-04-23 | 7.1 High | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Adrian Tobey Groundhogg groundhogg allows Reflected XSS.This issue affects Groundhogg: from n/a through <= 3.7.3.3. | ||||
| CVE-2024-56288 | 1 Androidbubble | 1 Wp Docs | 2026-04-23 | 5.9 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Fahad Mahmood WP Docs wp-docs allows Stored XSS.This issue affects WP Docs: from n/a through <= 2.2.1. | ||||
| CVE-2024-56287 | 2026-04-23 | 6.5 Medium | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in AppJetty WP jQuery DataTable wp-jquery-datatable allows Stored XSS.This issue affects WP jQuery DataTable: from n/a through <= 4.0.1. | ||||
| CVE-2024-56286 | 2026-04-23 | 7.5 High | ||
| Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in webcodingplace Classic Addons – WPBakery Page Builder classic-addons-wpbakery-page-builder-addons allows PHP Local File Inclusion.This issue affects Classic Addons – WPBakery Page Builder: from n/a through <= 3.0. | ||||
| CVE-2024-56285 | 2 Wordpress, Wpbits | 2 Wordpress, Wpbits Addons For Elementor Page Builder | 2026-04-23 | 6.5 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in wpbits WPBITS Addons For Elementor Page Builder wpbits-addons-for-elementor allows Stored XSS.This issue affects WPBITS Addons For Elementor Page Builder: from n/a through <= 1.5.1. | ||||
| CVE-2024-56284 | 2026-04-23 | 9.3 Critical | ||
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in sslplugins SSL Wireless SMS Notification ssl-wireless-sms-notification allows SQL Injection.This issue affects SSL Wireless SMS Notification: from n/a through <= 3.5.0. | ||||
| CVE-2024-56283 | 2026-04-23 | 8.1 High | ||
| Deserialization of Untrusted Data vulnerability in plainware Locatoraid Store Locator locatoraid allows Object Injection.This issue affects Locatoraid Store Locator: from n/a through <= 3.9.50. | ||||
| CVE-2024-56282 | 2026-04-23 | 7.5 High | ||
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Elicus WPMozo Addons Lite for Elementor wpmozo-addons-lite-for-elementor allows PHP Local File Inclusion.This issue affects WPMozo Addons Lite for Elementor: from n/a through <= 1.1.0. | ||||