Search

Expected end of text, found '.' (at char 35), (line:1, col:36)
Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (341845 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2024-56216 1 Themify 1 Builder 2026-04-01 6.5 Medium
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in themifyme Themify Builder themify-builder allows PHP Local File Inclusion.This issue affects Themify Builder: from n/a through <= 7.6.3.
CVE-2024-56215 2026-04-01 N/A
Missing Authorization vulnerability in DBAR Productions Member Directory and Contact Form pta-member-directory allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Member Directory and Contact Form: from n/a through <= 1.7.0.
CVE-2024-56214 1 Wordpress 1 Wordpress 2026-04-01 N/A
Path Traversal: '.../...//' vulnerability in DeluxeThemes Userpro userpro allows Path Traversal.This issue affects Userpro: from n/a through <= 5.1.9.
CVE-2024-56213 2 Themewinter, Wordpress 2 Eventin, Wordpress 2026-04-01 8.8 High
Path Traversal: '.../...//' vulnerability in Arraytics Eventin wp-event-solution allows Path Traversal.This issue affects Eventin: from n/a through <= 4.0.7.
CVE-2024-56212 1 Wordpress 1 Wordpress 2026-04-01 N/A
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in DeluxeThemes Userpro userpro.This issue affects Userpro: from n/a through <= 5.1.9.
CVE-2024-56211 1 Wordpress 1 Wordpress 2026-04-01 N/A
Missing Authorization vulnerability in DeluxeThemes Userpro userpro.This issue affects Userpro: from n/a through <= 5.1.9.
CVE-2024-56210 1 Wordpress 1 Wordpress 2026-04-01 N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in DeluxeThemes Userpro userpro allows Reflected XSS.This issue affects Userpro: from n/a through <= 5.1.9.
CVE-2024-56209 1 Wordpress 1 Wordpress 2026-04-01 N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in SeventhQueen Kleo kleo allows Reflected XSS.This issue affects Kleo: from n/a through < 5.4.4.
CVE-2024-56207 2026-04-01 N/A
Cross-Site Request Forgery (CSRF) vulnerability in EditionGuard EditionGuard for WooCommerce – eBook Sales with DRM editionguard-for-woocommerce-ebook-sales-with-drm allows Privilege Escalation.This issue affects EditionGuard for WooCommerce – eBook Sales with DRM: from n/a through <= 3.4.2.
CVE-2024-56206 1 Wordpress 1 Wordpress 2026-04-01 N/A
Cross-Site Request Forgery (CSRF) vulnerability in krishankakkar gap-hub-user-role gap-hub-user-role allows Authentication Bypass.This issue affects gap-hub-user-role: from n/a through <= 3.4.1.
CVE-2024-56205 1 Wordpress 1 Wordpress 2026-04-01 N/A
Incorrect Privilege Assignment vulnerability in SunnyKai AI Magic newsletter-page-redirects allows Privilege Escalation.This issue affects AI Magic: from n/a through <= 1.0.4.
CVE-2024-56204 1 Wordpress 1 Wordpress 2026-04-01 N/A
Cross-Site Request Forgery (CSRF) vulnerability in yonisink Sinking Dropdowns sinking-dropdowns allows Privilege Escalation.This issue affects Sinking Dropdowns: from n/a through <= 1.25.
CVE-2024-56203 1 Wordpress 1 Wordpress 2026-04-01 N/A
Cross-Site Request Forgery (CSRF) vulnerability in gholme4 Wayne Audio Player wayne-audio-player allows Privilege Escalation.This issue affects Wayne Audio Player: from n/a through <= 1.0.
CVE-2024-56071 1 Wordpress 1 Wordpress 2026-04-01 N/A
Incorrect Privilege Assignment vulnerability in mikeleembruggen Simple Dashboard simple-dashboard allows Privilege Escalation.This issue affects Simple Dashboard: from n/a through <= 2.0.
CVE-2024-56070 1 Wordpress 1 Wordpress 2026-04-01 N/A
Missing Authorization vulnerability in azzaroco WP SuperBackup indeed-wp-superbackup allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP SuperBackup: from n/a through <= 2.3.3.
CVE-2024-56069 1 Wordpress 1 Wordpress 2026-04-01 N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in azzaroco WP SuperBackup indeed-wp-superbackup allows Reflected XSS.This issue affects WP SuperBackup: from n/a through <= 2.3.3.
CVE-2024-56068 1 Wordpress 1 Wordpress 2026-04-01 N/A
Deserialization of Untrusted Data vulnerability in azzaroco WP SuperBackup indeed-wp-superbackup.This issue affects WP SuperBackup: from n/a through <= 2.3.3.
CVE-2024-56067 1 Wordpress 1 Wordpress 2026-04-01 N/A
Missing Authorization vulnerability in azzaroco WP SuperBackup indeed-wp-superbackup allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP SuperBackup: from n/a through <= 2.3.3.
CVE-2024-56066 1 Wordpress 1 Wordpress 2026-04-01 N/A
Missing Authorization vulnerability in inspry Agency Toolkit agency-toolkit allows Privilege Escalation.This issue affects Agency Toolkit: from n/a through <= 1.0.23.
CVE-2024-56065 1 Wordpress 1 Wordpress 2026-04-01 N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Saleswonder Team: Tobias WP2LEADS wp2leads allows Reflected XSS.This issue affects WP2LEADS: from n/a through <= 3.4.2.