Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (80921 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2024-49221 1 Julianweinert 1 Cslider 2026-04-29 7.1 High
Cross-Site Request Forgery (CSRF) vulnerability in julian.weinert cSlider cslider allows Cross Site Request Forgery.This issue affects cSlider: from n/a through <= 2.4.2.
CVE-2024-49223 1 Shibulijack 1 Cj Change Howdy 2026-04-29 7.1 High
Cross-Site Request Forgery (CSRF) vulnerability in shibulijack CJ Change Howdy cj-change-howdy allows Cross Site Request Forgery.This issue affects CJ Change Howdy: from n/a through <= 3.3.1.
CVE-2024-49220 1 Cookie-scanner 1 Cookie Scanner 2026-04-29 7.1 High
Cross-Site Request Forgery (CSRF) vulnerability in Nikel Cookie Scanner cookie-scanner allows Cross Site Request Forgery.This issue affects Cookie Scanner: from n/a through <= 1.1.
CVE-2023-49158 2026-04-29 7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Binh Nguyen LadiApp ladipage allows Stored XSS.This issue affects LadiApp: from n/a through <= 4.4.
CVE-2023-51355 1 Multivendorx 1 Wc Marketplace 2026-04-29 8.2 High
Missing Authorization vulnerability in MultiVendorX MultiVendorX dc-woocommerce-multi-vendor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects MultiVendorX: from n/a through <= 4.0.23.
CVE-2024-11620 1 Rank Math Seo 1 Rank Math Seo 2026-04-29 7.2 High
Improper Control of Generation of Code ('Code Injection') vulnerability in Rank Math SEO Rank Math SEO seo-by-rank-math allows Code Injection.This issue affects Rank Math SEO: from n/a through <= 1.0.231.
CVE-2023-49856 1 Rednao 1 Smart Forms 2026-04-29 8.1 High
Missing Authorization vulnerability in EDGARROJAS Smart Forms smart-forms allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Smart Forms: from n/a through <= 2.6.84.
CVE-2023-48758 2 Crocoblock, Wordpress 2 Jetengine, Wordpress 2026-04-29 7.1 High
Missing Authorization vulnerability in Crocoblock JetEngine jet-engine allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects JetEngine: from n/a through <= 3.2.4.
CVE-2023-48286 2026-04-29 8.2 High
Missing Authorization vulnerability in mra13 Stripe Payments stripe-payments allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Stripe Payments: from n/a through <= 2.0.79.
CVE-2023-47648 2 Spider-themes, Wordpress 2 Eazydocs, Wordpress 2026-04-29 7.5 High
Missing Authorization vulnerability in Spider Themes EazyDocs eazydocs allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects EazyDocs: from n/a through <= 2.3.5.
CVE-2023-47224 2026-04-29 7.5 High
Missing Authorization vulnerability in WP Travel WP Travel wp-travel allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Travel: from n/a through <= 7.8.0.
CVE-2023-47698 1 Artisanworkshop 1 Japanized For Woocommerce 2026-04-29 8.6 High
Missing Authorization vulnerability in shohei.tanaka Japanized For WooCommerce woocommerce-for-japan allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Japanized For WooCommerce: from n/a through <= 2.6.4.
CVE-2023-47185 1 Gvectors 1 Wpdiscuz 2026-04-29 7.1 High
Unauth. Stored Cross-Site Scripting (XSS) vulnerability in gVectors Team Comments — wpDiscuz plugin <= 7.6.11 versions.
CVE-2023-47182 1 Nazmulhossainnihal 1 Login Screen Manager 2026-04-29 7.1 High
Cross-Site Request Forgery (CSRF) leading to a Stored Cross-Site Scripting (XSS) vulnerability in Nazmul Hossain Nihal Login Screen Manager plugin <= 3.5.2 versions.
CVE-2023-47693 2 Themefic, Wordpress 2 Ultimate Addons For Contact Form 7, Wordpress 2026-04-29 7.5 High
Missing Authorization vulnerability in Themefic Ultimate Addons for Contact Form 7 ultimate-addons-for-contact-form-7 allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Ultimate Addons for Contact Form 7: from n/a through <= 3.2.6.
CVE-2023-46626 1 Flowfact 1 Flowfact 2026-04-29 7.1 High
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in FLOWFACT WP Connector plugin <= 2.1.7 versions.
CVE-2023-47179 2 Byconsole, Wordpress 2 Wooodt Lite, Wordpress 2026-04-29 8.8 High
Missing Authorization vulnerability in mdalabar WooODT Lite byconsole-woo-order-delivery-time allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WooODT Lite: from n/a through <= 2.4.6.
CVE-2023-41130 2026-04-29 8.1 High
Missing Authorization vulnerability in Premmerce Premmerce User Roles premmerce-user-roles allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Premmerce User Roles: from n/a through <= 1.0.12.
CVE-2023-25983 2 Kbsupport, Logon 2 Kb Support, Kb Support 2026-04-29 8.8 High
Improper Neutralization of Formula Elements in a CSV File vulnerability in WPOmnia KB Support.This issue affects KB Support: from n/a through 1.5.84.
CVE-2023-32741 1 Itpathsolutions 1 Contact Form To Any Api 2026-04-29 7.6 High
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in IT Path Solutions PVT LTD Contact Form to Any API allows SQL Injection.This issue affects Contact Form to Any API: from n/a through 1.1.2.