Total
342045 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-49611 | 1 Paxman | 1 Product Website Showcase | 2026-04-01 | 9.8 Critical |
| Unrestricted Upload of File with Dangerous Type vulnerability in paxmanpwnz Product Website Showcase product-websites-showcase allows Upload a Web Shell to a Web Server.This issue affects Product Website Showcase: from n/a through <= 1.0. | ||||
| CVE-2024-49610 | 2 Jack Zhu, Jackzhu | 2 Photokit, Photokit | 2026-04-01 | 9.8 Critical |
| Unrestricted Upload of File with Dangerous Type vulnerability in photokiteditor photokit photokit allows Upload a Web Shell to a Web Server.This issue affects photokit: from n/a through <= 1.0. | ||||
| CVE-2024-49609 | 1 Brandonwhite | 1 Author Discussion | 2026-04-01 | 8.8 High |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Brandon White Author Discussion author-discussion allows Blind SQL Injection.This issue affects Author Discussion: from n/a through <= 0.2.2. | ||||
| CVE-2024-49608 | 1 Gerryntabuhashe | 1 Gerryworks Post By Mail | 2026-04-01 | 8.8 High |
| Incorrect Privilege Assignment vulnerability in gerryworks GERRYWORKS Post by Mail gerryworks-post-by-mail allows Privilege Escalation.This issue affects GERRYWORKS Post by Mail: from n/a through <= 1.0. | ||||
| CVE-2024-49607 | 2 Redwan Hilali, Redwanhilali | 2 Wp Dropbox Dropins, Wp Dropbox Dropins | 2026-04-01 | 9.8 Critical |
| Unrestricted Upload of File with Dangerous Type vulnerability in redhopit WP Dropbox Dropins wp-dropbox-dropins allows Upload a Web Shell to a Web Server.This issue affects WP Dropbox Dropins: from n/a through <= 1.0. | ||||
| CVE-2024-49606 | 1 Dotsquares | 1 Google Map Locations | 2026-04-01 | 6.1 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in DotsquaresLtd Google Map Locations google-map-locations allows Reflected XSS.This issue affects Google Map Locations: from n/a through <= 1.0. | ||||
| CVE-2024-49605 | 1 Avchat.net | 1 Avchat Video Chat | 2026-04-01 | 6.1 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in Stefan Nour AVChat Video Chat avchat-3 allows Stored XSS.This issue affects AVChat Video Chat: from n/a through <= 2.2. | ||||
| CVE-2024-49604 | 2 Najeeb Ahmad, Najeebmedia | 2 Simple User Registration, Simple User Registration | 2026-04-01 | 9.8 Critical |
| Authentication Bypass Using an Alternate Path or Channel vulnerability in N-Media Simple User Registration wp-registration allows Authentication Bypass.This issue affects Simple User Registration: from n/a through <= 6.7. | ||||
| CVE-2024-49335 | 1 Edush Maxim | 1 Googledrive Folder List | 2026-04-01 | 6.1 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in sh4d0w28 GoogleDrive folder list googledrive-folder-list allows Stored XSS.This issue affects GoogleDrive folder list: from n/a through <= 2.2.2. | ||||
| CVE-2024-49334 | 1 Unizoewebsolutions | 1 Jlayer Parallax Slider | 2026-04-01 | 6.1 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Unizoe Web Solutions jLayer Parallax Slider jlayer-parallax-slider-wp allows Reflected XSS.This issue affects jLayer Parallax Slider: from n/a through <= 1.0. | ||||
| CVE-2024-49332 | 2 Giveaway Boost, Giveawayboost | 2 Giveaway Boost, Giveaway Boost | 2026-04-01 | 9.8 Critical |
| Deserialization of Untrusted Data vulnerability in giveawayboost Giveaway Boost giveaway-boost allows Object Injection.This issue affects Giveaway Boost: from n/a through <= 2.1.4. | ||||
| CVE-2024-49331 | 2 Myriad Solutionz, Myriadsolutionz | 2 Property Lot Management System, Property Lot Management System | 2026-04-01 | 8.8 High |
| Unrestricted Upload of File with Dangerous Type vulnerability in Myriad Solutionz Property Lot Management System plms allows Upload a Web Shell to a Web Server.This issue affects Property Lot Management System: from n/a through <= 4.2.38. | ||||
| CVE-2024-49330 | 1 Brx8r | 1 Nice Backgrounds | 2026-04-01 | 9.8 Critical |
| Unrestricted Upload of File with Dangerous Type vulnerability in brx8r Nice Backgrounds nicebackgrounds allows Upload a Web Shell to a Web Server.This issue affects Nice Backgrounds: from n/a through <= 1.0. | ||||
| CVE-2024-49329 | 2 Vivek Tamrakar, Vivektamrakar | 2 Wp Rest Api Fns, Wp Rest Api Fns | 2026-04-01 | 9.8 Critical |
| Unrestricted Upload of File with Dangerous Type vulnerability in vivek2tamrakar WP REST API FNS rest-api-fns allows Upload a Web Shell to a Web Server.This issue affects WP REST API FNS: from n/a through <= 1.0.0. | ||||
| CVE-2024-49328 | 2 Vivek Tamrakar, Vivektamrakar | 2 Wp Rest Api Fns, Wp Rest Api Fns | 2026-04-01 | 9.8 Critical |
| Authentication Bypass Using an Alternate Path or Channel vulnerability in vivek2tamrakar WP REST API FNS rest-api-fns allows Authentication Bypass.This issue affects WP REST API FNS: from n/a through <= 1.0.0. | ||||
| CVE-2024-49327 | 1 Asepbagjapriandana | 1 Woostagram Connect | 2026-04-01 | 9.8 Critical |
| Unrestricted Upload of File with Dangerous Type vulnerability in bepitulaz Woostagram Connect woostagram-connect allows Upload a Web Shell to a Web Server.This issue affects Woostagram Connect: from n/a through <= 1.0.2. | ||||
| CVE-2024-49326 | 1 Vasiliskerasiotis | 1 Affiliator | 2026-04-01 | 9.8 Critical |
| Unrestricted Upload of File with Dangerous Type vulnerability in Vasileios Kerasiotis Affiliator affiliator-lite allows Upload a Web Shell to a Web Server.This issue affects Affiliator: from n/a through <= 2.1.3. | ||||
| CVE-2024-49325 | 1 Wpdiscover | 1 Photo Gallery Builder | 2026-04-01 | 8.8 High |
| Missing Authorization vulnerability in wpdiscover Photo Gallery Builder photo-gallery-builder allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Photo Gallery Builder: from n/a through <= 3.0. | ||||
| CVE-2024-49324 | 1 Sovratec | 2 Case Management, Sovratec Case Management | 2026-04-01 | 9.8 Critical |
| Unrestricted Upload of File with Dangerous Type vulnerability in sovratecdev Sovratec Case Management sovratec-case-management allows Upload a Web Shell to a Web Server.This issue affects Sovratec Case Management: from n/a through <= 1.0.0. | ||||
| CVE-2024-49323 | 1 Sourav | 1 All In One Slider | 2026-04-01 | 6.1 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Shahriar Alam All in One Slider all-in-one-slider allows Reflected XSS.This issue affects All in One Slider: from n/a through <= 1.1. | ||||