Search

Expected end of text, found '.' (at char 35), (line:1, col:36)
Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (341843 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2024-54266 1 Imagerecycle 1 Imagerecycle Pdf \& Image Compression 2026-04-01 6.1 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ImageRecycle ImageRecycle pdf & image compression imagerecycle-pdf-image-compression allows Reflected XSS.This issue affects ImageRecycle pdf & image compression: from n/a through <= 3.1.16.
CVE-2024-54265 2026-04-01 N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Dmitry V. (CEO of "UKR Solution") Barcode Scanner with Inventory & Order Manager barcode-scanner-lite-pos-to-manage-products-inventory-and-orders allows Reflected XSS.This issue affects Barcode Scanner with Inventory & Order Manager: from n/a through <= 1.6.6.
CVE-2024-54264 2026-04-01 N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in cmorillas1 Shortcodes Blocks Creator Ultimate ultimate-shortcodes-creator allows Reflected XSS.This issue affects Shortcodes Blocks Creator Ultimate: from n/a through <= 2.2.0.
CVE-2024-54262 2026-04-01 N/A
Unrestricted Upload of File with Dangerous Type vulnerability in sidngr Import Export For WooCommerce import-export-for-woocommerce allows Upload a Web Shell to a Web Server.This issue affects Import Export For WooCommerce: from n/a through <= 1.6.2.
CVE-2024-54261 1 Wordpress 1 Wordpress 2026-04-01 N/A
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in HK Digital Agency LLC TAX SERVICE Electronic HDM virtual-hdm-for-taxservice-am allows SQL Injection.This issue affects TAX SERVICE Electronic HDM: from n/a through <= 1.2.2.
CVE-2024-54260 2 Blazethemes, Wordpress 2 News Kit Elementor Addons, Wordpress 2026-04-01 N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in blazethemes News Kit Elementor Addons news-kit-elementor-addons allows Stored XSS.This issue affects News Kit Elementor Addons: from n/a through <= 1.4.2.
CVE-2024-54259 2026-04-01 N/A
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in DELUCKS DELUCKS SEO delucks-seo allows Path Traversal.This issue affects DELUCKS SEO: from n/a through <= 2.7.0.
CVE-2024-54258 1 Wordpress 1 Wordpress 2026-04-01 N/A
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Anzar Ahmed Ni CRM Lead ni-crm-lead allows SQL Injection.This issue affects Ni CRM Lead: from n/a through <= 1.3.0.
CVE-2024-54256 1 Wordpress 1 Wordpress 2026-04-01 N/A
Missing Authorization vulnerability in Seerox Easy Blocks pro easy-blocks-pro allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Easy Blocks pro: from n/a through <= 1.0.21.
CVE-2024-54255 2026-04-01 N/A
URL Redirection to Untrusted Site ('Open Redirect') vulnerability in aviplugins.com Login Widget With Shortcode login-sidebar-widget allows Phishing.This issue affects Login Widget With Shortcode: from n/a through <= 6.1.2.
CVE-2024-54254 2026-04-01 N/A
Missing Authorization vulnerability in Kofi Mokome Message Filter for Contact Form 7 cf7-message-filter.This issue affects Message Filter for Contact Form 7: from n/a through <= 1.6.3.
CVE-2024-54253 1 Wpxpro 1 Xpro Addons For Elementor 2026-04-01 5.4 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Xpro Xpro Elementor Addons xpro-elementor-addons.This issue affects Xpro Elementor Addons: from n/a through <= 1.4.6.5.
CVE-2024-54252 2026-04-01 N/A
Missing Authorization vulnerability in DOTonPAPER Pinpoint Booking System booking-system allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Pinpoint Booking System: from n/a through <= 2.9.9.5.7.
CVE-2024-54251 1 Wordpress 1 Wordpress 2026-04-01 N/A
Missing Authorization vulnerability in prodigycommerce Prodigy Commerce prodigy-commerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Prodigy Commerce: from n/a through <= 3.1.2.
CVE-2024-54250 1 Wordpress 1 Wordpress 2026-04-01 N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in prodigycommerce Prodigy Commerce prodigy-commerce allows DOM-Based XSS.This issue affects Prodigy Commerce: from n/a through <= 3.0.8.
CVE-2024-54248 2026-04-01 N/A
Cross-Site Request Forgery (CSRF) vulnerability in eewee eewee admin custom eewee-admincustom allows Privilege Escalation.This issue affects eewee admin custom: from n/a through <= 1.8.2.4.
CVE-2024-54246 1 Wordpress 1 Wordpress 2026-04-01 N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Think201 FAQs faqs allows Stored XSS.This issue affects FAQs: from n/a through <= 1.0.2.
CVE-2024-54245 1 Wordpress 1 Wordpress 2026-04-01 N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Think201 Clients clients allows Stored XSS.This issue affects Clients: from n/a through <= 1.1.4.
CVE-2024-54244 1 Wordpress 1 Wordpress 2026-04-01 N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Think201 Easy Replace easy-replace allows Stored XSS.This issue affects Easy Replace: from n/a through <= 1.3.
CVE-2024-54243 1 Wordpress 1 Wordpress 2026-04-01 N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Think201 Echoza echoza allows Stored XSS.This issue affects Echoza: from n/a through <= 0.1.1.