Export limit exceeded: 83496 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (83496 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-54374 | 2026-04-23 | 7.5 High | ||
| Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Sabri Sogrid sogrid allows PHP Local File Inclusion.This issue affects Sogrid: from n/a through <= 1.5.6. | ||||
| CVE-2024-54373 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 7.5 High |
| Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Chris Gardenberg EduAdmin Booking eduadmin-booking allows PHP Local File Inclusion.This issue affects EduAdmin Booking: from n/a through <= 5.2.0. | ||||
| CVE-2024-54365 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 8.8 High |
| Incorrect Privilege Assignment vulnerability in Knowhalim KH Easy User Settings kh-easy-user-settings allows Privilege Escalation.This issue affects KH Easy User Settings: from n/a through <= 1.0.0. | ||||
| CVE-2024-54364 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in spartac Feedpress Generator feedpress-generator allows Reflected XSS.This issue affects Feedpress Generator: from n/a through <= 1.2.1. | ||||
| CVE-2024-54362 | 2026-04-23 | 8.1 High | ||
| Path Traversal: '.../...//' vulnerability in boggibill GetShop ecommerce getshop-ecommerce allows Path Traversal.This issue affects GetShop ecommerce: from n/a through <= 1.3. | ||||
| CVE-2024-54359 | 2 Saul Morales Pacheco, Wordpress | 2 Banner System, Wordpress | 2026-04-23 | 8.2 High |
| Missing Authorization vulnerability in Saul Morales Pacheco Banner System banner-system allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Banner System: from n/a through <= 1.0.0. | ||||
| CVE-2024-54358 | 2026-04-23 | 7.1 High | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Enrico Cantori 3D Avatar User Profile 3d-avatar-user-profile allows Reflected XSS.This issue affects 3D Avatar User Profile: from n/a through <= 1.0.0. | ||||
| CVE-2024-54353 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 7.1 High |
| Cross-Site Request Forgery (CSRF) vulnerability in wpgear Hack-Info hack-info allows Stored XSS.This issue affects Hack-Info: from n/a through <= 3.17. | ||||
| CVE-2024-54352 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 8.8 High |
| Cross-Site Request Forgery (CSRF) vulnerability in Sabri Sogrid sogrid allows Privilege Escalation.This issue affects Sogrid: from n/a through <= 1.5.2. | ||||
| CVE-2024-54351 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 7.1 High |
| Cross-Site Request Forgery (CSRF) vulnerability in Thomas K Landis Fancy Roller Scroller fancy-roller-scroller allows Stored XSS.This issue affects Fancy Roller Scroller: from n/a through <= 1.4.0. | ||||
| CVE-2024-54350 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in hjyl hmd hmd allows Stored XSS.This issue affects hmd: from n/a through <= 2.0. | ||||
| CVE-2024-54347 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in BAKKBONE Australia FloristPress bakkbone-florist-companion allows Reflected XSS.This issue affects FloristPress: from n/a through <= 7.2.0. | ||||
| CVE-2024-54344 | 2026-04-23 | 7.1 High | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Fahad Mahmood WP Quick Shop wp-quick-shop allows Reflected XSS.This issue affects WP Quick Shop: from n/a through <= 1.3.1. | ||||
| CVE-2024-54343 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in thehowarde Connect Contact Form 7 to Constant Contact connect-contact-form-7-to-constant-contact-v3 allows Reflected XSS.This issue affects Connect Contact Form 7 to Constant Contact: from n/a through <= 1.4. | ||||
| CVE-2024-54342 | 2026-04-23 | 7.1 High | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in STAGGS STAGGS staggs allows Reflected XSS.This issue affects STAGGS: from n/a through <= 2.0.0. | ||||
| CVE-2024-54341 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in LabelGrid LabelGrid Tools label-grid-tools allows Reflected XSS.This issue affects LabelGrid Tools: from n/a through <= 1.3.58. | ||||
| CVE-2024-54340 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in sylviavanos Simple Presenter simple-presenter allows Reflected XSS.This issue affects Simple Presenter: from n/a through <= 1.5.1. | ||||
| CVE-2024-54339 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in jbd7 geoFlickr geoflickr allows Reflected XSS.This issue affects geoFlickr: from n/a through <= 1.3. | ||||
| CVE-2024-54337 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 7.1 High |
| Cross-Site Request Forgery (CSRF) vulnerability in DevriX DX Dark Site devrix-dark-site allows Stored XSS.This issue affects DX Dark Site: from n/a through <= 1.0.1. | ||||
| CVE-2024-54336 | 2 Projectopia, Wordpress | 2 Projectopia, Wordpress | 2026-04-23 | 8.8 High |
| Authentication Bypass Using an Alternate Path or Channel vulnerability in Projectopia Projectopia projectopia-core allows Authentication Bypass.This issue affects Projectopia: from n/a through <= 5.1.7. | ||||