Search

Expected end of text, found '.' (at char 21), (line:1, col:22)
Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (341809 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2024-27987 2 Givewp, Wordpress 3 Give, Givewp, Wordpress 2026-04-01 6.1 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in StellarWP GiveWP give.This issue affects GiveWP: from n/a through <= 3.3.1.
CVE-2024-27972 1 Verygoodplugins 1 Wp Fusion 2026-04-01 N/A
Improper Control of Generation of Code ('Code Injection') vulnerability in Jack Arturo WP Fusion Lite wp-fusion-lite.This issue affects WP Fusion Lite: from n/a through <= 3.41.24.
CVE-2024-27971 1 Premmerce 1 Permalink Manager For Woocommerce 2026-04-01 N/A
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Premmerce Premmerce Permalink Manager for WooCommerce woo-permalink-manager.This issue affects Premmerce Permalink Manager for WooCommerce: from n/a through <= 2.3.10.
CVE-2024-27965 1 Getwpfunnels 1 Wpfunnels 2026-04-01 4.8 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPFunnels WPFunnels wpfunnels.This issue affects WPFunnels: from n/a through <= 3.0.6.
CVE-2024-27950 1 Sirv 1 Sirv 2026-04-01 8.8 High
Missing Authorization vulnerability in Sirv CDN and Image Hosting Sirv sirv.This issue affects Sirv: from n/a through <= 7.2.0.
CVE-2024-27949 1 Sirv 1 Sirv 2026-04-01 N/A
Server-Side Request Forgery (SSRF) vulnerability in Sirv CDN and Image Hosting Sirv sirv.This issue affects Sirv: from n/a through <= 7.2.0.
CVE-2024-27195 2026-04-01 N/A
Cross-Site Request Forgery (CSRF) vulnerability in sverde1 Watermark RELOADED watermark-reloaded allows Cross Site Request Forgery.This issue affects Watermark RELOADED: from n/a through <= 1.3.5.
CVE-2024-27193 1 Woocommerce 1 Payu India Payment Gateway 2026-04-01 6.1 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in PayU India PayU India payu-india allows DOM-Based XSS.This issue affects PayU India: from n/a through <= 3.8.8.
CVE-2024-27191 2 Inpersttion, Wordpress 2 Slivery Extender, Wordpress 2026-04-01 N/A
Improper Control of Generation of Code ('Code Injection') vulnerability in inpersttion Slivery Extender slivery-extender allows Remote Code Inclusion.This issue affects Slivery Extender: from n/a through <= 1.0.2.
CVE-2024-27188 2 Cloudways, Wordpress 2 Breeze, Wordpress 2026-04-01 N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Cloudways Breeze breeze.This issue affects Breeze: from n/a through <= 2.1.3.
CVE-2024-25932 1 Youngtechleads 1 Change Table Prefix 2026-04-01 8.8 High
Cross-Site Request Forgery (CSRF) vulnerability in Manish Kumar Agarwal Change Table Prefix change-table-prefix allows Cross Site Request Forgery.This issue affects Change Table Prefix: from n/a through <= 2.0.
CVE-2024-25918 1 Instawp 1 Instawp Connect 2026-04-01 8.8 High
Improper Control of Generation of Code ('Code Injection') vulnerability in InstaWP InstaWP Connect instawp-connect.This issue affects InstaWP Connect: from n/a through <= 0.1.0.8.
CVE-2024-25599 2 Castos, Wordpress 2 Seriously Simple Podcasting, Wordpress 2026-04-01 6.1 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Craig Hewitt Seriously Simple Podcasting seriously-simple-podcasting.This issue affects Seriously Simple Podcasting: from n/a through <= 3.0.2.
CVE-2024-24888 1 Kadencewp 1 Gutenberg Blocks With Ai 2026-04-01 6.5 Medium
Server-Side Request Forgery (SSRF) vulnerability in StellarWP Gutenberg Blocks by Kadence Blocks kadence-blocks.This issue affects Gutenberg Blocks by Kadence Blocks: from n/a through <= 3.2.25.
CVE-2024-24882 2 Masteriyo, Themegrill 2 Masteriyo, Masteriyo 2026-04-01 9.8 Critical
Incorrect Privilege Assignment vulnerability in masteriyo Masteriyo - LMS learning-management-system.This issue affects Masteriyo - LMS: from n/a through <= 1.7.2.
CVE-2024-24878 1 Webdados 1 Portugal Ctt Tracking For Woocommerce 2026-04-01 6.1 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Marco Almeida | Webdados Portugal CTT Tracking for WooCommerce portugal-ctt-tracking-woocommerce.This issue affects Portugal CTT Tracking for WooCommerce: from n/a through <= 2.1.
CVE-2024-24871 1 Creativethemes 1 Blocksy 2026-04-01 5.4 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in creativethemeshq Blocksy blocksy.This issue affects Blocksy: from n/a through <= 2.0.19.
CVE-2024-24833 1 Leevio 1 Happy Addons For Elementor 2026-04-01 8.8 High
Missing Authorization vulnerability in HappyMonster Happy Addons for Elementor happy-elementor-addons.This issue affects Happy Addons for Elementor: from n/a through <= 3.10.1.
CVE-2024-24831 1 Leap13 1 Premium Addons For Elementor 2026-04-01 5.4 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Leap13 Premium Addons for Elementor premium-addons-for-elementor.This issue affects Premium Addons for Elementor: from n/a through <= 4.10.16.
CVE-2024-23507 1 Instawp 1 Instawp Connect 2026-04-01 8.8 High
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in InstaWP InstaWP Connect instawp-connect.This issue affects InstaWP Connect: from n/a through <= 0.1.0.9.