Export limit exceeded: 347108 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (347108 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-56000 | 1 Wordpress | 1 Wordpress | 2026-04-29 | 9.8 Critical |
| Incorrect Privilege Assignment vulnerability in SeventhQueen K Elements k-elements allows Privilege Escalation.This issue affects K Elements: from n/a through < 5.4.0. | ||||
| CVE-2024-49322 | 1 Codepassenger | 1 Job Board Manager For Wordpress | 2026-04-29 | 9.8 Critical |
| Incorrect Privilege Assignment vulnerability in CodePassenger Job Board Manager for WordPress jemployee allows Privilege Escalation.This issue affects Job Board Manager for WordPress: from n/a through <= 1.0. | ||||
| CVE-2024-52480 | 1 Astoundify | 2 Jobify, Jobify-job Board | 2026-04-29 | 5.3 Medium |
| Missing Authorization vulnerability in Astoundify Jobify jobify.This issue affects Jobify: from n/a through < 4.3.0. | ||||
| CVE-2024-49314 | 1 Zhuige | 1 Jiangqie Free Mini Program | 2026-04-29 | 10 Critical |
| Unrestricted Upload of File with Dangerous Type vulnerability in jiangqie JiangQie Free Mini Program jiangqie-free-mini-program allows Upload a Web Shell to a Web Server.This issue affects JiangQie Free Mini Program: from n/a through <= 2.5.2. | ||||
| CVE-2024-49247 | 1 Oc2ps | 1 Better-bp-registration | 2026-04-29 | 9.8 Critical |
| Authentication Bypass Using an Alternate Path or Channel vulnerability in SK BuddyPress Better Registration better-bp-registration allows Authentication Bypass.This issue affects BuddyPress Better Registration: from n/a through <= 1.6. | ||||
| CVE-2024-49315 | 1 Codeflock | 1 Free Download Manager | 2026-04-29 | 8.6 High |
| Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in CodeFlock FREE DOWNLOAD MANAGER free-download-manager allows Path Traversal.This issue affects FREE DOWNLOAD MANAGER: from n/a through <= 1.0.0. | ||||
| CVE-2024-49316 | 1 Wordpress | 1 Wordpress | 2026-04-29 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in zodiac Akismet htaccess writer akismet-htaccess-writer allows Reflected XSS.This issue affects Akismet htaccess writer: from n/a through <= 1.0.1. | ||||
| CVE-2024-49244 | 2026-04-29 | 8.5 High | ||
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in vrinsoft CSV Product Import Export for WooCommerce csv-wc-product-import-export.This issue affects CSV Product Import Export for WooCommerce: from n/a through <= 1.0.0. | ||||
| CVE-2024-49245 | 1 Ahime | 1 Ahime Image Printer | 2026-04-29 | 7.5 High |
| Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in nahimsalami Ahime Image Printer ahime-image-printer.This issue affects Ahime Image Printer: from n/a through <= 1.0.0. | ||||
| CVE-2024-49248 | 2026-04-29 | 7.1 High | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Spacetime Ad Inserter ad-inserter allows Reflected XSS.This issue affects Ad Inserter: from n/a through <= 2.7.37. | ||||
| CVE-2024-49317 | 1 Zipang | 1 Point Maker | 2026-04-29 | 7.5 High |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ZIPANG Point Maker point-maker allows PHP Local File Inclusion.This issue affects Point Maker: from n/a through <= 0.1.4. | ||||
| CVE-2024-49253 | 1 James Park | 1 Analyse Uploads | 2026-04-29 | 8.6 High |
| Relative Path Traversal vulnerability in JamesPark.ninja Analyse Uploads analyse-uploads allows Relative Path Traversal.This issue affects Analyse Uploads: from n/a through <= 0.5. | ||||
| CVE-2024-49242 | 1 Shafiq | 1 Digital Library | 2026-04-29 | 10 Critical |
| Unrestricted Upload of File with Dangerous Type vulnerability in Shafiq Digital Lottery digital-lottery allows Upload a Web Shell to a Web Server.This issue affects Digital Lottery: from n/a through <= 3.0.5. | ||||
| CVE-2024-49246 | 1 Wordpress | 1 Wordpress | 2026-04-29 | 9.3 Critical |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in anand23 Ajax Rating with Custom Login ajax-rating-with-custom-login allows SQL Injection.This issue affects Ajax Rating with Custom Login: from n/a through <= 1.1. | ||||
| CVE-2024-49239 | 1 Nikhilvaghela | 1 Add Categories Post Footer | 2026-04-29 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in nikhilvaghela Add Categories Post Footer add-categories-post-footer allows Reflected XSS.This issue affects Add Categories Post Footer: from n/a through <= 2.2.2. | ||||
| CVE-2024-49227 | 1 Innovawebspzoo | 1 Free Stock Photos Foter | 2026-04-29 | 8.8 High |
| Deserialization of Untrusted Data vulnerability in foter Free Stock Photos Foter free-stock-photos-foter allows Object Injection.This issue affects Free Stock Photos Foter: from n/a through <= 1.5.4. | ||||
| CVE-2024-49238 | 1 Dh9sb.dx-info | 1 Adif Log Search Widget | 2026-04-29 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in emka73 ADIF Log Search Widget adif-log-search-widget allows Reflected XSS.This issue affects ADIF Log Search Widget: from n/a through <= 1.0f. | ||||
| CVE-2024-49226 | 1 Taketin | 1 Taketin To Wp Membership | 2026-04-29 | 8.8 High |
| Deserialization of Untrusted Data vulnerability in taketin TAKETIN To WP Membership taketin-to-wp-membership allows Object Injection.This issue affects TAKETIN To WP Membership: from n/a through <= 2.8.17. | ||||
| CVE-2024-49240 | 1 Agustinberasategui | 1 Ab Categories Search Widget | 2026-04-29 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ajberasategui AB Categories Search Widget ab-categories-search-widget allows Reflected XSS.This issue affects AB Categories Search Widget : from n/a through <= 0.2.5. | ||||
| CVE-2024-43234 | 1 Xtendify | 1 Woffice | 2026-04-29 | 9.8 Critical |
| Authentication Bypass Using an Alternate Path or Channel vulnerability in WofficeIO Woffice woffice allows Authentication Bypass.This issue affects Woffice: from n/a through <= 5.4.14. | ||||