Export limit exceeded: 12525 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (12525 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-33922 | 1 Wordpress | 1 Wordpress | 2026-04-28 | 5.3 Medium |
| Insertion of Sensitive Information into Log File vulnerability in Jordy Meow WP Media Cleaner.This issue affects WP Media Cleaner: from n/a through 6.7.2. | ||||
| CVE-2024-33908 | 1 Wordpress | 1 Wordpress | 2026-04-28 | 5.3 Medium |
| Missing Authorization vulnerability in Themesgrove WidgetKit.This issue affects WidgetKit: from n/a through 2.5.0. | ||||
| CVE-2024-33695 | 1 Wordpress | 1 Wordpress | 2026-04-28 | 5.9 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ThemeNcode Fan Page Widget by ThemeNcode allows Stored XSS.This issue affects Fan Page Widget by ThemeNcode: from n/a through 2.0. | ||||
| CVE-2024-33692 | 1 Wordpress | 1 Wordpress | 2026-04-28 | 5.9 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Satrya Smart Recent Posts Widget allows Stored XSS.This issue affects Smart Recent Posts Widget: from n/a through 1.0.3. | ||||
| CVE-2024-33682 | 1 Wordpress | 1 Gdpr Compliance | 2026-04-28 | 5.4 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in Cookie Information A/S WP GDPR Compliance.This issue affects WP GDPR Compliance: from n/a through 2.0.23. | ||||
| CVE-2024-33688 | 2 Extendthemes, Wordpress | 2 Teluro, Teluro Theme | 2026-04-28 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in Extend Themes Teluro.This issue affects Teluro: from n/a through 1.0.31. | ||||
| CVE-2024-33646 | 1 Wordpress | 1 Wordpress | 2026-04-28 | 7.1 High |
| Cross-Site Request Forgery (CSRF) vulnerability in Toast Plugins Sticky Anything allows Cross-Site Scripting (XSS).This issue affects Sticky Anything: from n/a through 2.1.5. | ||||
| CVE-2024-33645 | 1 Wordpress | 1 Wordpress | 2026-04-28 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Eftakhairul Islam & Sirajus Salayhin Easy Set Favicon allows Reflected XSS.This issue affects Easy Set Favicon: from n/a through 1.1. | ||||
| CVE-2024-33643 | 1 Wordpress | 1 Wordpress | 2026-04-28 | 5.9 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Kailey Lampert Advanced Most Recent Posts Mod allows Stored XSS.This issue affects Advanced Most Recent Posts Mod: from n/a through 1.6.5.2. | ||||
| CVE-2024-33641 | 1 Wordpress | 1 Wordpress | 2026-04-28 | 5.4 Medium |
| Deserialization of Untrusted Data vulnerability in Team Yoast Custom field finder.This issue affects Custom field finder: from n/a through 0.3. | ||||
| CVE-2024-33637 | 1 Wordpress | 1 Wordpress | 2026-04-28 | 7.5 High |
| Insertion of Sensitive Information into Log File vulnerability in Solid Plugins Solid Affiliate.This issue affects Solid Affiliate: from n/a through 1.9.1. | ||||
| CVE-2024-33592 | 2 Softlab, Wordpress | 2 Radio Player, Wordpress | 2026-04-28 | 5.4 Medium |
| Server-Side Request Forgery (SSRF) vulnerability in SoftLab Radio Player.This issue affects Radio Player: from n/a through 2.0.73. | ||||
| CVE-2024-33636 | 1 Wordpress | 1 Wordpress | 2026-04-28 | 5.4 Medium |
| Missing Authorization vulnerability in Mahesh Vora WP Page Post Widget Clone.This issue affects WP Page Post Widget Clone: from n/a through 1.0.1. | ||||
| CVE-2024-33585 | 1 Wordpress | 1 Payment Gateway Based Fees And Discounts For Woocommerce | 2026-04-28 | 4.3 Medium |
| Missing Authorization vulnerability in Tyche Softwares Payment Gateway Based Fees and Discounts for WooCommerce.This issue affects Payment Gateway Based Fees and Discounts for WooCommerce: from n/a through 2.12.1. | ||||
| CVE-2024-33598 | 2 Twinpictures, Wordpress | 2 Annual Archive, Wordpress | 2026-04-28 | 5.9 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Twinpictures Annual Archive allows Stored XSS.This issue affects Annual Archive: from n/a through 1.6.0. | ||||
| CVE-2024-33573 | 1 Wordpress | 1 Wordpress | 2026-04-28 | 4.3 Medium |
| Missing Authorization vulnerability in EPROLO EPROLO Dropshipping.This issue affects EPROLO Dropshipping: from n/a through 1.7.1. | ||||
| CVE-2024-33576 | 1 Wordpress | 1 Wppizza | 2026-04-28 | 6.5 Medium |
| Missing Authorization vulnerability in Ollybach WPPizza.This issue affects WPPizza: from n/a through 3.18.10. | ||||
| CVE-2024-33566 | 1 Wordpress | 1 Orderconvo | 2026-04-28 | 10 Critical |
| Missing Authorization vulnerability in N-Media OrderConvo allows OS Command Injection.This issue affects OrderConvo: from n/a through 12.4. | ||||
| CVE-2024-33548 | 2 Aa-team, Wordpress | 2 Wzone, Wordpress | 2026-04-28 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in AA-Team WZone allows Reflected XSS.This issue affects WZone: from n/a through 14.0.10. | ||||
| CVE-2024-33546 | 2 Aa-team, Wordpress | 2 Wzone, Wordpress | 2026-04-28 | 9.6 Critical |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in AA-Team WZone allows SQL Injection.This issue affects WZone: from n/a through 14.0.10. | ||||