1.8.3 CVEs and Security Vulnerabilities

Search

Expected end of text, found '.' (at char 29), (line:1, col:30)

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (341846 CVEs found)

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2024-44021	1 Truepush	1 Truepush	2026-04-01	8.8 High
Missing Authorization vulnerability in truepushplugin Truepush truepush-free-web-push-notifications.This issue affects Truepush: from n/a through <= 1.0.8.
CVE-2024-44020	1 Prasadkirpekar	1 Wp Free Ssl	2026-04-01	8.8 High
Missing Authorization vulnerability in prasadkirpekar WP Free SSL – Free SSL Certificate for WordPress and force HTTPS wp-free-ssl.This issue affects WP Free SSL – Free SSL Certificate for WordPress and force HTTPS: from n/a through <= 1.2.7.
CVE-2024-44019	1 Renzojohnson	2 Contact Form 7 Campaign Monitor Extension, Contact Form 7 Compaign Monitor Extension	2026-04-01	9.8 Critical
Missing Authorization vulnerability in Renzo Johnson Contact Form 7 Campaign Monitor Extension contact-form-7-campaign-monitor-extension.This issue affects Contact Form 7 Campaign Monitor Extension: from n/a through <= 0.4.67.
CVE-2024-44018	1 Istmo Plugins	1 Instant Chat Floating Button For Wordpress Websites	2026-04-01	N/A
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in istmoplugins Instant Chat Floating Button for WordPress Websites instant-chat-wp allows PHP Local File Inclusion.This issue affects Instant Chat Floating Button for WordPress Websites: from n/a through <= 1.0.5.
CVE-2024-44017	1 Wordpress	1 Wordpress	2026-04-01	N/A
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in MinHyeong Lim MH Board mh-board allows PHP Local File Inclusion.This issue affects MH Board: from n/a through <= 1.3.2.1.
CVE-2024-44016	1 Mark Steadman	1 Podiant	2026-04-01	N/A
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in amarksteadman Podiant podiant allows PHP Local File Inclusion.This issue affects Podiant: from n/a through <= 1.1.
CVE-2024-44015	1 Userscontrol	1 Users Control	2026-04-01	N/A
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in istmoplugins Users Control users-control allows PHP Local File Inclusion.This issue affects Users Control: from n/a through <= 1.0.16.
CVE-2024-44014	1 Vmaxstudio	1 Vmax Project Manager	2026-04-01	N/A
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Vmax Studio Vmax Project Manager vmax-project-manager allows PHP Local File Inclusion.This issue affects Vmax Project Manager: from n/a through <= 1.0.
CVE-2024-44013	1 Wordpress	1 Wordpress	2026-04-01	N/A
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Innate Images LLC VR Calendar vr-calendar-sync allows PHP Local File Inclusion.This issue affects VR Calendar: from n/a through <= 2.4.0.
CVE-2024-44012			2026-04-01	N/A
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in wpdev33 WP Newsletter Subscription wp-newsletter-subscription allows PHP Local File Inclusion.This issue affects WP Newsletter Subscription: from n/a through <= 1.1.
CVE-2024-44011	1 Wordpress	1 Wordpress	2026-04-01	N/A
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in ExpressTech Systems WP Ticket Ultra Help Desk & Support Plugin wp-ticket-ultra allows PHP Local File Inclusion.This issue affects WP Ticket Ultra Help Desk & Support Plugin: from n/a through <= 1.0.5.
CVE-2024-44010	2 Catchthemes, Wordpress	2 Full Frame, Wordpress	2026-04-01	N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in catchthemes Full frame full-frame allows Stored XSS.This issue affects Full frame: from n/a through <= 2.7.2.
CVE-2024-44009	1 Wclovers	1 Wcfm Marketplace	2026-04-01	6.1 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WC Lovers WCFM Marketplace wc-multivendor-marketplace allows Reflected XSS.This issue affects WCFM Marketplace: from n/a through <= 3.6.11.
CVE-2024-44008	1 Cyberhobo	1 Geo Mashup	2026-04-01	5.4 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Dylan Kuhn Geo Mashup geo-mashup allows Stored XSS.This issue affects Geo Mashup: from n/a through <= 1.13.12.
CVE-2024-44007	1 Sktthemes	1 Skt Templates	2026-04-01	6.1 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in sonalsinha21 SKT Templates – Elementor & Gutenberg templates skt-templates allows Reflected XSS.This issue affects SKT Templates – Elementor & Gutenberg templates: from n/a through <= 6.14.
CVE-2024-44006	1 Onthegosystems	1 Woocommerce Multilingual \& Multicurrency	2026-04-01	8.8 High
Missing Authorization vulnerability in Amir Helzer WooCommerce Multilingual & Multicurrency woocommerce-multilingual.This issue affects WooCommerce Multilingual & Multicurrency: from n/a through <= 5.3.6.
CVE-2024-44005	1 Wpsoul	1 Greenshift	2026-04-01	5.4 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in wpsoul Greenshift greenshift-animation-and-page-builder-blocks allows Stored XSS.This issue affects Greenshift: from n/a through <= 9.3.7.
CVE-2024-44004	1 Wptaskforce	2 Track \& Trace, Wpcargo Track \& Trace	2026-04-01	9.8 Critical
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Arni Cinco WPCargo Track & Trace wpcargo allows SQL Injection.This issue affects WPCargo Track & Trace: from n/a through <= 8.0.2.
CVE-2024-44003	1 Spicethemes	1 Spice Starter Sites	2026-04-01	6.1 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in spicethemes Spice Starter Sites spice-starter-sites allows Reflected XSS.This issue affects Spice Starter Sites: from n/a through <= 1.2.5.
CVE-2024-44002	1 Pickplugins	1 Team Showcase	2026-04-01	6.1 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in PickPlugins Team Showcase team allows Reflected XSS.This issue affects Team Showcase: from n/a through <= 1.22.25.

« first previous Page 367 of 17093. next last »