Search

Expected end of text, found '.' (at char 22), (line:1, col:23)
Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (342050 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2024-39646 1 Kunalnagar 1 Custom 404 Pro 2026-04-01 6.1 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Kunal Custom 404 Pro custom-404-pro.This issue affects Custom 404 Pro: from n/a through <= 3.11.1.
CVE-2024-39637 1 Wordpress 1 Wordpress 2026-04-01 N/A
Server-Side Request Forgery (SSRF) vulnerability in pixelcurve Edubin edubin.This issue affects Edubin: from n/a through <= 9.2.0.
CVE-2024-39631 2 Contest-gallery, Contest Gallery 2 Contest Gallery, Contest Gallery 2026-04-01 6.1 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Wasiliy Strecker / ContestGallery developer Contest Gallery contest-gallery.This issue affects Contest Gallery: from n/a through <= 23.1.2.
CVE-2024-39626 1 5starplugins 1 Pretty Simple Popup Builder 2026-04-01 4.8 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Rob @ 5 Star Plugins Pretty Simple Popup Builder pretty-simple-popup-builder allows Stored XSS.This issue affects Pretty Simple Popup Builder: from n/a through <= 1.0.9.
CVE-2024-39624 1 Cridio 1 Listingpro 2026-04-01 8.8 High
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in CridioStudio ListingPro listingpro allows PHP Local File Inclusion.This issue affects ListingPro: from n/a through <= 2.9.4.
CVE-2024-39623 1 Cridio 1 Listingpro 2026-04-01 8.8 High
Cross-Site Request Forgery (CSRF) vulnerability in CridioStudio ListingPro listingpro allows Authentication Bypass.This issue affects ListingPro: from n/a through <= 2.9.4.
CVE-2024-39622 1 Cridio 1 Listingpro 2026-04-01 9.8 Critical
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in CridioStudio ListingPro listingpro allows SQL Injection.This issue affects ListingPro: from n/a through <= 2.9.4.
CVE-2024-39621 1 Cridio 1 Listingpro 2026-04-01 7.2 High
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in CridioStudio ListingPro listingpro-plugin allows PHP Local File Inclusion.This issue affects ListingPro: from n/a through <= 2.9.4.
CVE-2024-39620 1 Cridio 1 Listingpro 2026-04-01 8.8 High
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in CridioStudio ListingPro listingpro-plugin allows SQL Injection.This issue affects ListingPro: from n/a through <= 2.9.4.
CVE-2024-39619 1 Cridio 1 Listingpro 2026-04-01 9.8 Critical
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in CridioStudio ListingPro listingpro-plugin allows PHP Local File Inclusion.This issue affects ListingPro: from n/a through <= 2.9.4.
CVE-2024-38795 1 Cridio 1 Listingpro 2026-04-01 9.8 Critical
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in CridioStudio ListingPro listingpro-plugin allows SQL Injection.This issue affects ListingPro: from n/a through <= 2.9.4.
CVE-2024-38790 1 Wordpress 1 Wordpress 2026-04-01 N/A
Cross-Site Request Forgery (CSRF) vulnerability in Smartsupp Smartsupp – live chat, chatbots, AI and lead generation smartsupp-live-chat allows Cross Site Request Forgery.This issue affects Smartsupp – live chat, chatbots, AI and lead generation: from n/a through <= 3.6.
CVE-2024-38789 2026-04-01 N/A
Cross-Site Request Forgery (CSRF) vulnerability in Marco Milesi Telegram Bot & Channel telegram-bot allows Cross Site Request Forgery.This issue affects Telegram Bot & Channel: from n/a through <= 3.8.2.
CVE-2024-38787 1 Codection 1 Import And Export Users And Customers 2026-04-01 N/A
Insertion of Sensitive Information Into Sent Data vulnerability in Javier Carazo Import and export users and customers import-users-from-csv-with-meta.This issue affects Import and export users and customers: from n/a through <= 1.26.8.
CVE-2024-38778 1 Wordpress 1 Wordpress 2026-04-01 N/A
Cross-Site Request Forgery (CSRF) vulnerability in Epsiloncool WP Fast Total Search fulltext-search.This issue affects WP Fast Total Search: from n/a through <= 1.69.234.
CVE-2024-38771 1 Atarim 1 Atarim 2026-04-01 N/A
Missing Authorization vulnerability in Vito Peleg Atarim atarim-visual-collaboration.This issue affects Atarim: from n/a through <= 4.0.
CVE-2024-38766 2026-04-01 N/A
Cross-Site Request Forgery (CSRF) vulnerability in matomoteam Matomo Analytics matomo allows Cross Site Request Forgery.This issue affects Matomo Analytics: from n/a through <= 5.1.1.
CVE-2024-38765 1 Wordpress 1 Wordpress 2026-04-01 N/A
Cross-Site Request Forgery (CSRF) vulnerability in outtheboxthemes Oceanic oceanic allows Cross Site Request Forgery.This issue affects Oceanic: from n/a through <= 1.0.48.
CVE-2024-38763 2026-04-01 N/A
Cross-Site Request Forgery (CSRF) vulnerability in themes4wp Popularis Verse popularis-verse allows Cross Site Request Forgery.This issue affects Popularis Verse: from n/a through <= 1.1.1.
CVE-2024-38762 2026-04-01 N/A
Cross-Site Request Forgery (CSRF) vulnerability in StellarWP Event Tickets event-tickets allows Cross Site Request Forgery.This issue affects Event Tickets: from n/a through <= 5.11.0.4.