Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (79414 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2024-31087 1 Wordpress 1 Wordpress 2026-04-28 7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Joel Starnes pageMash > Page Management allows Reflected XSS.This issue affects pageMash > Page Management: from n/a through 1.3.0.
CVE-2024-31091 1 Wordpress 1 Wordpress 2026-04-28 7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in SparkWeb Interactive, Inc. Custom Field Bulk Editor allows Reflected XSS.This issue affects Custom Field Bulk Editor: from n/a through 1.9.1.
CVE-2024-31109 2026-04-28 7.1 High
Cross-Site Request Forgery (CSRF) vulnerability in Toastie Studio Woocommerce Social Media Share Buttons allows Stored XSS.This issue affects Woocommerce Social Media Share Buttons: from n/a through 1.3.0.
CVE-2024-31105 1 Wordpress 1 Wordpress 2026-04-28 7.1 High
Cross-Site Request Forgery (CSRF) vulnerability in Adam Bowen Tax Rate Upload allows Reflected XSS.This issue affects Tax Rate Upload: from n/a through 2.4.5.
CVE-2024-31098 1 Mrebabi 1 New Order Notification For Woocommerce 2026-04-28 7.1 High
Missing Authorization vulnerability in Mr.Ebabi New Order Notification for Woocommerce.This issue affects New Order Notification for Woocommerce: from n/a through 2.0.2.
CVE-2024-31097 1 Wordpress 1 Wordpress 2026-04-28 7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Stephan Spencer SEO Title Tag allows Reflected XSS.This issue affects SEO Title Tag: from n/a through 3.5.9.
CVE-2024-31106 1 Yooslider 1 Yoo Slider 2026-04-28 7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Yooslider Yoo Slider allows Reflected XSS.This issue affects Yoo Slider: from n/a through 2.1.1.
CVE-2024-31103 2026-04-28 7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Kanban for WordPress Kanban Boards for WordPress allows Reflected XSS.This issue affects Kanban Boards for WordPress: from n/a through 2.5.21.
CVE-2024-31090 1 Wordpress 1 Wordpress 2026-04-28 7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in 荒野无灯 Hacklog Down As PDF allows Reflected XSS.This issue affects Hacklog Down As PDF: from n/a through 2.3.6.
CVE-2024-31093 1 Wordpress 1 Wordpress 2026-04-28 7.1 High
Cross-Site Request Forgery (CSRF) vulnerability in Kaloyan K. Tsvetkov Broken Images allows Cross-Site Scripting (XSS).This issue affects Broken Images: from n/a through 0.2.
CVE-2024-31084 2026-04-28 7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Pulsar Web Design Weekly Class Schedule allows Reflected XSS.This issue affects Weekly Class Schedule: from n/a through 3.19.
CVE-2024-31085 1 Wordpress 1 Wordpress 2026-04-28 7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Rob Marsh, SJ Post-Plugin Library allows Reflected XSS.This issue affects Post-Plugin Library: from n/a through 2.6.2.1.
CVE-2024-31086 1 Wordpress 1 Wordpress 2026-04-28 7.1 High
Cross-Site Request Forgery (CSRF) vulnerability in Venugopal Change default login logo,url and title allows Cross-Site Scripting (XSS).This issue affects Change default login logo,url and title: from n/a through 2.0.
CVE-2024-30561 1 Wordpress 1 Wordpress 2026-04-28 7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Scientech It Solution Appointment Calendar allows Reflected XSS.This issue affects Appointment Calendar: from n/a through 2.9.6.
CVE-2024-30550 1 Wpdevart 1 Gallery 2026-04-28 7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in wpdevart Responsive Image Gallery, Gallery Album allows Reflected XSS.This issue affects Responsive Image Gallery, Gallery Album: from n/a through 2.0.3.
CVE-2024-30551 1 Wordpress 1 Wordpress 2026-04-28 7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Toast Plugins Sticky Anything.This issue affects Sticky Anything: from n/a through 2.1.5.
CVE-2024-30545 2026-04-28 7.1 High
Cross-Site Request Forgery (CSRF) vulnerability in Nick Powers Social Author Bio allows Stored XSS.This issue affects Social Author Bio: from n/a through 2.4.
CVE-2024-30535 2 Whitestudio, Wordpress 2 Easy Form Builder, Wordpress 2026-04-28 8.5 High
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in WhiteStudio Easy Form Builder.This issue affects Easy Form Builder: from n/a through 3.7.4.
CVE-2024-30504 1 Wptravelengine 1 Wp Travel Engine 2026-04-28 7.6 High
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in WP Travel Engine.This issue affects WP Travel Engine: from n/a through 5.7.9.
CVE-2024-30506 2026-04-28 7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Vsourz Digital All In One Redirection allows Stored XSS.This issue affects All In One Redirection: from n/a through 2.2.0.