Search

Expected end of text, found ':' (at char 23), (line:1, col:24)
Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (342065 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2024-56248 1 Wordpress 1 Wordpress 2026-04-01 N/A
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Ludwig You WPMasterToolKit wpmastertoolkit allows Path Traversal.This issue affects WPMasterToolKit: from n/a through <= 1.13.1.
CVE-2024-56247 1 Afthemes 1 Wp Post Author 2026-04-01 7.2 High
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in AF themes WP Post Author wp-post-author allows SQL Injection.This issue affects WP Post Author: from n/a through <= 3.8.2.
CVE-2024-56246 2 Posimyth, Wordpress 2 Nexter Blocks, Wordpress 2026-04-01 N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in POSIMYTH Nexter Blocks the-plus-addons-for-block-editor allows DOM-Based XSS.This issue affects Nexter Blocks: from n/a through <= 4.0.4.
CVE-2024-56245 2026-04-01 N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Leap13 Premium Blocks – Gutenberg Blocks for WordPress premium-blocks-for-gutenberg allows Stored XSS.This issue affects Premium Blocks – Gutenberg Blocks for WordPress: from n/a through <= 2.1.42.
CVE-2024-56244 1 Wordpress 1 Wordpress 2026-04-01 N/A
Missing Authorization vulnerability in WP Royal Ashe Extra ashe-extra allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Ashe Extra: from n/a through <= 1.2.92.
CVE-2024-56243 1 Wordpress 1 Wordpress 2026-04-01 N/A
Missing Authorization vulnerability in JS Morisset WPSSO Core wpsso allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WPSSO Core: from n/a through <= 18.18.1.
CVE-2024-56242 1 Tychesoftwares 1 Arconix Shortcodes 2026-04-01 5.4 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in tychesoftwares Arconix Shortcodes arconix-shortcodes allows Stored XSS.This issue affects Arconix Shortcodes: from n/a through <= 2.1.14.
CVE-2024-56241 2 Wordpress, Wpkoi 2 Wordpress, Wpkoi Templates For Elementor 2026-04-01 N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in wpkoithemes WPKoi Templates for Elementor wpkoi-templates-for-elementor allows Stored XSS.This issue affects WPKoi Templates for Elementor: from n/a through <= 3.1.3.
CVE-2024-56240 1 Wordpress 1 Wordpress 2026-04-01 N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Pronamic Pronamic Google Maps pronamic-google-maps allows Stored XSS.This issue affects Pronamic Google Maps: from n/a through <= 2.3.2.
CVE-2024-56239 1 Wordpress 1 Wordpress 2026-04-01 N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in themifyme Themify Audio Dock themify-audio-dock allows Stored XSS.This issue affects Themify Audio Dock: from n/a through <= 2.0.4.
CVE-2024-56238 2026-04-01 N/A
Missing Authorization vulnerability in QuantumCloud Floating Action Buttons floating-action-buttons allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Floating Action Buttons: from n/a through <= 0.9.1.
CVE-2024-56237 1 Contest-gallery 1 Contest Gallery 2026-04-01 4.8 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Wasiliy Strecker / ContestGallery developer Contest Gallery contest-gallery allows Stored XSS.This issue affects Contest Gallery: from n/a through <= 24.0.3.
CVE-2024-56236 2026-04-01 N/A
Missing Authorization vulnerability in Juni Hestia Nginx Cache hestia-nginx-cache allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Hestia Nginx Cache: from n/a through <= 2.4.0.
CVE-2024-56235 1 Wordpress 1 Wordpress 2026-04-01 N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Vicky Kumar Coupon coupon-lite allows DOM-Based XSS.This issue affects Coupon: from n/a through <= 1.2.2.
CVE-2024-56234 1 Wordpress 1 Wordpress 2026-04-01 N/A
Missing Authorization vulnerability in vowelweb VW Automobile Lite vw-automobile-lite allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects VW Automobile Lite: from n/a through <= 2.1.
CVE-2024-56233 2026-04-01 N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in kinhelios KinTPV WooConnect kintpv-connect allows Stored XSS.This issue affects KinTPV WooConnect: from n/a through <= 8.129.
CVE-2024-56232 1 Wordpress 1 Wordpress 2026-04-01 N/A
Cross-Site Request Forgery (CSRF) vulnerability in Alex Volkov WP Nice Loader wp-nice-loader allows Stored XSS.This issue affects WP Nice Loader: from n/a through <= 0.1.0.4.
CVE-2024-56231 1 Wordpress 1 Wordpress 2026-04-01 N/A
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Debuggers Studio SaasPricing saaspricing allows DOM-Based XSS.This issue affects SaasPricing: from n/a through <= 1.2.4.
CVE-2024-56230 2026-04-01 N/A
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Maidul Dynamic Product Category Grid, Slider for WooCommerce dynamic-product-categories-design allows PHP Local File Inclusion.This issue affects Dynamic Product Category Grid, Slider for WooCommerce: from n/a through <= 1.1.3.
CVE-2024-56229 1 Searchiq 1 Searchiq 2026-04-01 4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in SearchIQ SearchIQ searchiq.This issue affects SearchIQ: from n/a through <= 4.6.