Export limit exceeded: 341809 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (341809 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-50518 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Common Ninja Pricer Ninja pricer-ninja-pricing-tables allows Stored XSS.This issue affects Pricer Ninja: from n/a through <= 2.1.0. | ||||
| CVE-2024-50517 | 2026-04-01 | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in IDSK team ID-SK Toolkit idsk-toolkit allows Stored XSS.This issue affects ID-SK Toolkit: from n/a through <= 1.7.2. | ||||
| CVE-2024-50516 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in adamskaat Countdown & Clock countdown-builder allows Stored XSS.This issue affects Countdown & Clock: from n/a through <= 3.0.8. | ||||
| CVE-2024-50515 | 1 Ninjaforms | 1 Ninja Forms | 2026-04-01 | 4.8 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Kevin Stover Ninja Forms ninja-forms allows Stored XSS.This issue affects Ninja Forms: from n/a through <= 3.8.16. | ||||
| CVE-2024-50514 | 1 Ninjaforms | 1 Ninja Forms | 2026-04-01 | 4.8 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Kevin Stover Ninja Forms ninja-forms allows Stored XSS.This issue affects Ninja Forms: from n/a through <= 3.8.16. | ||||
| CVE-2024-50513 | 2026-04-01 | N/A | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPXPO PostX ultimate-post allows Stored XSS.This issue affects PostX: from n/a through <= 4.1.15. | ||||
| CVE-2024-50512 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Generation of Error Message Containing Sensitive Information vulnerability in Posti Posti Shipping posti-shipping allows Retrieve Embedded Sensitive Data.This issue affects Posti Shipping: from n/a through <= 3.10.2. | ||||
| CVE-2024-50511 | 2026-04-01 | N/A | ||
| Unrestricted Upload of File with Dangerous Type vulnerability in donimedia WP donimedia carousel wp-donimedia-carousel allows Upload a Web Shell to a Web Server.This issue affects WP donimedia carousel: from n/a through <= 1.0.1. | ||||
| CVE-2024-50510 | 2026-04-01 | N/A | ||
| Unrestricted Upload of File with Dangerous Type vulnerability in webandprint AR For Woocommerce ar-for-woocommerce allows Upload a Web Shell to a Web Server.This issue affects AR For Woocommerce: from n/a through <= 6.3. | ||||
| CVE-2024-50509 | 2 Chetan Khandla, Wordpress | 2 Woocommerce Product Design, Wordpress | 2026-04-01 | N/A |
| Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Chetan Khandla Woocommerce Product Design woo-product-design allows Path Traversal.This issue affects Woocommerce Product Design: from n/a through <= 1.0.0. | ||||
| CVE-2024-50508 | 2 Chetan Khandla, Wordpress | 2 Woocommerce Product Design, Wordpress | 2026-04-01 | N/A |
| Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Chetan Khandla Woocommerce Product Design woo-product-design allows Path Traversal.This issue affects Woocommerce Product Design: from n/a through <= 1.0.0. | ||||
| CVE-2024-50507 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Deserialization of Untrusted Data vulnerability in Daschmi DS.DownloadList dsdownloadlist allows Object Injection.This issue affects DS.DownloadList: from n/a through <= 1.3. | ||||
| CVE-2024-50506 | 2 Azexo, Wordpress | 2 Marketing Automation By Azexo, Wordpress | 2026-04-01 | N/A |
| Incorrect Privilege Assignment vulnerability in azexo Marketing Automation by AZEXO marketing-automation-by-azexo allows Privilege Escalation.This issue affects Marketing Automation by AZEXO: from n/a through <= 1.27.80. | ||||
| CVE-2024-50504 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Incorrect Privilege Assignment vulnerability in webxmedia Bulk Change Role bulk-role-change allows Privilege Escalation.This issue affects Bulk Change Role: from n/a through <= 1.1. | ||||
| CVE-2024-50503 | 2026-04-01 | N/A | ||
| Authentication Bypass Using an Alternate Path or Channel vulnerability in Deryck User Toolkit user-toolkit allows Authentication Bypass.This issue affects User Toolkit: from n/a through <= 1.2.3. | ||||
| CVE-2024-50502 | 1 Cozythemes | 1 Cozy Blocks | 2026-04-01 | 5.4 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in CozyThemes Cozy Blocks cozy-addons allows DOM-Based XSS.This issue affects Cozy Blocks: from n/a through <= 2.0.18. | ||||
| CVE-2024-50501 | 1 Climaxthemes | 1 Kata Plus | 2026-04-01 | 5.4 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Climax Themes Kata Plus kata-plus allows DOM-Based XSS.This issue affects Kata Plus: from n/a through <= 1.4.7. | ||||
| CVE-2024-50500 | 1 Averta | 1 Shortcodes And Extra Features For Phlox Theme | 2026-04-01 | 9.8 Critical |
| Missing Authorization vulnerability in averta Shortcodes and extra features for Phlox theme auxin-elements allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Shortcodes and extra features for Phlox theme: from n/a through <= 2.17.4. | ||||
| CVE-2024-50498 | 1 Lubus | 2 Wp Querey Table, Wp Query Console | 2026-04-01 | 9.8 Critical |
| Improper Control of Generation of Code ('Code Injection') vulnerability in Ajit Bohra WP Query Console wp-query-console allows Code Injection.This issue affects WP Query Console: from n/a through <= 1.0. | ||||
| CVE-2024-50497 | 1 Buynowdepot | 1 Advanced Online Ordering And Delivery Platform | 2026-04-01 | 9.8 Critical |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in wdesco Advanced Online Ordering and Delivery Platform advanced-online-ordering-and-delivery-platform allows PHP Local File Inclusion.This issue affects Advanced Online Ordering and Delivery Platform: from n/a through <= 2.0.0. | ||||