Search

Expected end of text, found '.' (at char 25), (line:1, col:26)
Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (341846 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2024-54288 2026-04-01 N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in LDD Web Design LDD Directory Lite ldd-directory-lite allows Reflected XSS.This issue affects LDD Directory Lite: from n/a through <= 3.3.
CVE-2024-54287 1 Wordpress 1 Wordpress 2026-04-01 N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Best WP Developer Advanced Blog Post Block advanced-blog-post-block allows Stored XSS.This issue affects Advanced Blog Post Block: from n/a through <= 1.0.4.
CVE-2024-54286 1 Wordpress 1 Wordpress 2026-04-01 N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Smaily Smaily for WP smaily-for-wp allows Stored XSS.This issue affects Smaily for WP: from n/a through <= 3.1.5.
CVE-2024-54282 1 Wordpress 1 Wordpress 2026-04-01 N/A
Deserialization of Untrusted Data vulnerability in Themeum WP Mega Menu wp-megamenu allows Object Injection.This issue affects WP Mega Menu: from n/a through <= 1.4.2.
CVE-2024-54280 1 Iqonic 1 Wpbookit 2026-04-01 9.8 Critical
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Iqonic Design WPBookit wpbookit allows SQL Injection.This issue affects WPBookit: from n/a through <= 1.6.0.
CVE-2024-54279 1 Wordpress 1 Wordpress 2026-04-01 N/A
Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Tobias Keller WP-NERD Toolkit wp-nerd-toolkit.This issue affects WP-NERD Toolkit: from n/a through <= 1.1.
CVE-2024-54278 2026-04-01 N/A
Missing Authorization vulnerability in Plugin Devs News Ticker for Elementor news-ticker-for-elementor allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects News Ticker for Elementor: from n/a through <= 2.1.3.
CVE-2024-54277 1 Wordpress 1 Wordpress 2026-04-01 N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Alireza Aliniya Nias course nias-course allows DOM-Based XSS.This issue affects Nias course: from n/a through <= 1.2.10.
CVE-2024-54276 1 Wordpress 1 Wordpress 2026-04-01 N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in devfelixmoira Poll Builder poll-builder allows Stored XSS.This issue affects Poll Builder: from n/a through <= 1.3.5.
CVE-2024-54275 2026-04-01 N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in wibergsweb CSV to html csv-to-html allows Reflected XSS.This issue affects CSV to html: from n/a through <= 3.08.
CVE-2024-54274 2026-04-01 N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Octrace WordPress HelpDesk & Support Ticket System Plugin – Octrace Support octrace-support allows Reflected XSS.This issue affects WordPress HelpDesk & Support Ticket System Plugin – Octrace Support: from n/a through <= 1.2.7.
CVE-2024-54273 2026-04-01 N/A
Deserialization of Untrusted Data vulnerability in PickPlugins Mail Picker mail-picker allows Object Injection.This issue affects Mail Picker: from n/a through <= 1.0.14.
CVE-2024-54272 2026-04-01 N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in RadiusTheme Radius Blocks radius-blocks allows Stored XSS.This issue affects Radius Blocks: from n/a through <= 2.1.2.
CVE-2024-54271 2026-04-01 N/A
Missing Authorization vulnerability in Arni Cinco WPCargo Track & Trace wpcargo allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WPCargo Track & Trace: from n/a through <= 8.0.2.
CVE-2024-54270 1 Wordpress 1 Wordpress 2026-04-01 N/A
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Axeptio Axeptio axeptio-sdk-integration allows PHP Local File Inclusion.This issue affects Axeptio: from n/a through <= 2.5.4.
CVE-2024-54269 1 Wordpress 1 Wordpress 2026-04-01 N/A
Missing Authorization vulnerability in Ninja Team Notibar notibar allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Notibar: from n/a through <= 2.1.4.
CVE-2024-54268 1 Siteorigin 1 Siteorigin Widgets Bundle 2026-04-01 8.8 High
Missing Authorization vulnerability in Greg - SiteOrigin SiteOrigin Widgets Bundle so-widgets-bundle allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects SiteOrigin Widgets Bundle: from n/a through <= 1.64.0.
CVE-2024-54267 2026-04-01 N/A
Missing Authorization vulnerability in CreativeMindsSolutions CM Answers cm-answers allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects CM Answers: from n/a through <= 3.2.6.
CVE-2024-54266 1 Imagerecycle 1 Imagerecycle Pdf \& Image Compression 2026-04-01 6.1 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ImageRecycle ImageRecycle pdf & image compression imagerecycle-pdf-image-compression allows Reflected XSS.This issue affects ImageRecycle pdf & image compression: from n/a through <= 3.1.16.
CVE-2024-54265 2026-04-01 N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Dmitry V. (CEO of "UKR Solution") Barcode Scanner with Inventory & Order Manager barcode-scanner-lite-pos-to-manage-products-inventory-and-orders allows Reflected XSS.This issue affects Barcode Scanner with Inventory & Order Manager: from n/a through <= 1.6.6.