CVEs and Security Vulnerabilities

Search

Switch to Advanced Search (Beta)

Total 341805 CVE

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2024-50419	1 Greenshiftwp	1 Greenshift - Animation And Page Builder Blocks	2026-04-01	9.8 Critical
Incorrect Authorization vulnerability in wpsoul Greenshift greenshift-animation-and-page-builder-blocks allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Greenshift: from n/a through <= 9.7.
CVE-2024-50418			2026-04-01	N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Time Slot Booking Time Slot timeslot allows DOM-Based XSS.This issue affects Time Slot: from n/a through <= 1.3.6.
CVE-2024-50417	1 Bold-themes	1 Bold Page Builder	2026-04-01	8.8 High
Missing Authorization vulnerability in boldthemes Bold Page Builder bold-page-builder allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Bold Page Builder: from n/a through <= 5.1.3.
CVE-2024-50416	1 Wpclever	1 Wpc Shop As A Customer For Woocommerce	2026-04-01	8.8 High
Deserialization of Untrusted Data vulnerability in WPClever WPC Shop as a Customer for WooCommerce wpc-shop-as-customer allows Object Injection.This issue affects WPC Shop as a Customer for WooCommerce: from n/a through <= 1.2.6.
CVE-2024-50415			2026-04-01	N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Pagup Ads.txt & App-ads.txt Manager for WordPress app-ads-txt allows Stored XSS.This issue affects Ads.txt & App-ads.txt Manager for WordPress: from n/a through <= 1.1.7.1.
CVE-2024-50414	1 Wordpress	1 Wordpress	2026-04-01	N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Buttonizer Button contact VR button-contact-vr allows Stored XSS.This issue affects Button contact VR: from n/a through <= 4.7.9.1.
CVE-2024-50413	2 Codection, Wordpress	2 Import And Export Users And Customers, Wordpress	2026-04-01	N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Javier Carazo Import and export users and customers import-users-from-csv-with-meta allows Stored XSS.This issue affects Import and export users and customers: from n/a through <= 1.27.5.
CVE-2024-50412	1 Wordpress	1 Wordpress	2026-04-01	N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Jules Colle Conditional Fields for Contact Form 7 cf7-conditional-fields allows Stored XSS.This issue affects Conditional Fields for Contact Form 7: from n/a through <= 2.4.15.
CVE-2024-50411	1 Kevonadonis	1 Wp Abstracts	2026-04-01	4.8 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Kevon Adonis WP Abstracts wp-abstracts-manuscripts-manager allows Stored XSS.This issue affects WP Abstracts: from n/a through <= 2.7.1.
CVE-2024-50410	1 Kibokolabs	1 Namaste\! Lms	2026-04-01	5.4 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Bob Namaste! LMS namaste-lms allows Stored XSS.This issue affects Namaste! LMS: from n/a through <= 2.6.4.
CVE-2024-50409	1 Kibokolabs	1 Namaste\! Lms	2026-04-01	5.4 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Bob Namaste! LMS namaste-lms allows Stored XSS.This issue affects Namaste! LMS: from n/a through <= 2.6.2.
CVE-2024-50408	1 Kibokolabs	1 Namaste\! Lms	2026-04-01	8.8 High
Deserialization of Untrusted Data vulnerability in Bob Namaste! LMS namaste-lms allows Object Injection.This issue affects Namaste! LMS: from n/a through <= 2.6.3.
CVE-2024-50407	1 Kibokolabs	1 Namaste\! Lms	2026-04-01	6.1 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Bob Namaste! LMS namaste-lms allows Reflected XSS.This issue affects Namaste! LMS: from n/a through <= 2.6.2.
CVE-2024-4746	1 Netgsm	1 Netgsm	2026-04-01	6.3 Medium
Missing Authorization vulnerability in netgsm Netgsm netgsm allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Netgsm: from n/a through <= 2.9.32.
CVE-2024-4689	1 Shortpixel	1 Shortpixel Adaptive Images	2026-04-01	N/A
Cross-Site Request Forgery (CSRF) vulnerability in ShortPixel ShortPixel Adaptive Images shortpixel-adaptive-images.This issue affects ShortPixel Adaptive Images: from n/a through <= 3.8.3.
CVE-2024-49703			2026-04-01	N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in magepeopleteam WpEvently mage-eventpress.This issue affects WpEvently: from n/a through <= 4.2.5.
CVE-2024-49702	1 Mycred	1 Mycred Elementor	2026-04-01	5.4 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Saad Iqbal myCred Elementor mycred-for-elementor allows Stored XSS.This issue affects myCred Elementor: from n/a through <= 1.2.6.
CVE-2024-49701	1 Themehorse	2 Interface, Mags	2026-04-01	8.8 High
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in themehorse Mags mags.This issue affects Mags: from n/a through <= 1.1.6.
CVE-2024-49700	1 Wordpress	1 Wordpress	2026-04-01	N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in reputeinfosystems ARPrice arprice allows Reflected XSS.This issue affects ARPrice: from n/a through <= 4.1.3.
CVE-2024-49699	1 Wordpress	1 Wordpress	2026-04-01	N/A
Deserialization of Untrusted Data vulnerability in reputeinfosystems ARPrice arprice allows Object Injection.This issue affects ARPrice: from n/a through <= 4.1.3.

« first previous Page 342 of 17091. next last »