Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (80921 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2024-24878 1 Webdados 1 Portugal Ctt Tracking For Woocommerce 2026-04-28 7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Marco Almeida | Webdados Portugal CTT Tracking for WooCommerce portugal-ctt-tracking-woocommerce.This issue affects Portugal CTT Tracking for WooCommerce: from n/a through <= 2.1.
CVE-2024-24843 1 Powerpackelements 1 Powerpack Addons For Elementor 2026-04-28 7.1 High
Cross-Site Request Forgery (CSRF) vulnerability in PowerPack Addons for Elementor PowerPack Pro for Elementor.This issue affects PowerPack Pro for Elementor: from n/a before 2.10.8.
CVE-2024-24866 1 Biteship 1 Biteship 2026-04-28 7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Biteship Biteship: Plugin Ongkos Kirim Kurir Instant, Reguler, Kargo allows Reflected XSS.This issue affects Biteship: Plugin Ongkos Kirim Kurir Instant, Reguler, Kargo: from n/a through 2.2.24.
CVE-2024-24847 1 Jgadbois 1 Calculatorpro Calculators 2026-04-28 7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in jgadbois CalculatorPro Calculators allows Reflected XSS.This issue affects CalculatorPro Calculators: from n/a through 1.1.7.
CVE-2024-24846 1 Mightythemes 1 Mighty Addons 2026-04-28 7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in MightyThemes Mighty Addons for Elementor allows Reflected XSS.This issue affects Mighty Addons for Elementor: from n/a through 1.9.3.
CVE-2024-24832 1 Metagauss 1 Eventprime 2026-04-28 8.2 High
Missing Authorization vulnerability in Metagauss EventPrime.This issue affects EventPrime: from n/a through 3.3.9.
CVE-2024-24842 2026-04-28 8.7 High
Deserialization of Untrusted Data vulnerability in Echo Plugins Knowledge Base for Documentation, FAQs with AI Assistance.This issue affects Knowledge Base for Documentation, FAQs with AI Assistance: from n/a through 11.30.2.
CVE-2024-24800 2026-04-28 7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in AdTribes.Io Product Feed PRO for WooCommerce allows Reflected XSS.This issue affects Product Feed PRO for WooCommerce: from n/a through 13.2.5.
CVE-2024-24796 1 Mage-people 1 Event Manager And Tickets Selling For Woocommerce 2026-04-28 8.2 High
Deserialization of Untrusted Data vulnerability in MagePeople Team Event Manager and Tickets Selling Plugin for WooCommerce – WpEvently – WordPress Plugin.This issue affects Event Manager and Tickets Selling Plugin for WooCommerce – WpEvently – WordPress Plugin: from n/a through 4.1.1.
CVE-2024-24714 1 Bplugins 1 Icons Font Loader 2026-04-28 7.2 High
Unrestricted Upload of File with Dangerous Type vulnerability in bPlugins LLC Icons Font Loader.This issue affects Icons Font Loader: from n/a through 1.1.4.
CVE-2024-24703 2 Multivendorx, Wordpress 2 Wc Marketplace, Wordpress 2026-04-28 8.6 High
Missing Authorization vulnerability in MultiVendorX WC Marketplace.This issue affects WC Marketplace: from n/a through 4.0.25.
CVE-2024-23512 1 Wpxpo 1 Wowstore 2026-04-28 8.7 High
Deserialization of Untrusted Data vulnerability in wpxpo ProductX – WooCommerce Builder & Gutenberg WooCommerce Blocks.This issue affects ProductX – WooCommerce Builder & Gutenberg WooCommerce Blocks: from n/a through 3.1.4.
CVE-2024-23513 1 Wp-property-hive 1 Propertyhive 2026-04-28 8.7 High
Deserialization of Untrusted Data vulnerability in PropertyHive.This issue affects PropertyHive: from n/a through 2.0.5.
CVE-2024-22305 1 Kaliforms 1 Kali Forms 2026-04-28 7.5 High
Authorization Bypass Through User-Controlled Key vulnerability in ali Forms Contact Form builder with drag & drop for WordPress – Kali Forms.This issue affects Contact Form builder with drag & drop for WordPress – Kali Forms: from n/a through 2.3.36.
CVE-2024-23508 1 Bplugins 1 Pdf Poster 2026-04-28 7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in bPlugins PDF Poster – PDF Embedder Plugin for WordPress allows Reflected XSS.This issue affects PDF Poster – PDF Embedder Plugin for WordPress: from n/a through 2.1.17.
CVE-2024-22309 1 Quantumcloud 1 Wpbot 2026-04-28 8.7 High
Deserialization of Untrusted Data vulnerability in QuantumCloud ChatBot with AI.This issue affects ChatBot with AI: from n/a through 5.1.0.
CVE-2024-22311 2026-04-28 7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in N Squared Simply Schedule Appointments allows Reflected XSS.This issue affects Simply Schedule Appointments: from n/a through 1.6.6.20.
CVE-2024-22293 1 Dontdream 1 Bp Profile Search 2026-04-28 7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Andrea Tarantini BP Profile Search allows Reflected XSS.This issue affects BP Profile Search: from n/a through 5.5.
CVE-2024-22299 2 Foliovision, Wordpress 2 Fv Flowplayer Video Player, Wordpress 2026-04-28 7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Foliovision: Making the web work for you FV Flowplayer Video Player allows Reflected XSS.This issue affects FV Flowplayer Video Player: from n/a through 7.5.41.7212.
CVE-2024-22300 2 Icegram, Wordpress 2 Email Subscribers & Newsletters, Wordpress 2026-04-28 7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Icegram Email Subscribers & Newsletters allows Reflected XSS.This issue affects Email Subscribers & Newsletters: from n/a through 5.7.11.