Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (327109 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2018-20988 1 Google Forms Project 1 Google Forms 2024-11-21 N/A
The wpgform plugin before 0.94 for WordPress has eval injection in the CAPTCHA calculation.
CVE-2018-20987 1 Tribulant 1 Newsletters 2024-11-21 N/A
The newsletters-lite plugin before 4.6.8.6 for WordPress has PHP object injection.
CVE-2018-20986 1 Advancedcustomfields 1 Advanced Custom Fields 2024-11-21 N/A
The advanced-custom-fields (aka Elliot Condon Advanced Custom Fields) plugin before 5.7.8 for WordPress has XSS by authors.
CVE-2018-20985 1 Payeezy 1 Wp Payeezy Pay 2024-11-21 N/A
The wp-payeezy-pay plugin before 2.98 for WordPress has local file inclusion in pay.php, donate.php, donate-rec, and pay-rec.
CVE-2018-20984 1 Patreon 1 Patreon Wordpress 2024-11-21 N/A
The patreon-connect plugin before 1.2.2 for WordPress has Object Injection.
CVE-2018-20983 1 Meowapps 1 Wp Retina 2x 2024-11-21 N/A
The wp-retina-2x plugin before 5.2.3 for WordPress has XSS.
CVE-2018-20982 1 Davidlingren 1 Media Library Assistant 2024-11-21 N/A
The media-library-assistant plugin before 2.74 for WordPress has XSS via the Media/Assistant or Settings/Media Library assistant admin submenu screens.
CVE-2018-20981 1 Ninjaforms 1 Ninja Forms 2024-11-21 N/A
The ninja-forms plugin before 3.3.9 for WordPress has insufficient restrictions on submission-data retrieval during Export Personal Data requests.
CVE-2018-20980 1 Ninjaforms 1 Ninja Forms 2024-11-21 N/A
The ninja-forms plugin before 3.2.15 for WordPress has parameter tampering.
CVE-2018-20979 1 Rocklobster 1 Contact Form 7 2024-11-21 N/A
The contact-form-7 plugin before 5.0.4 for WordPress has privilege escalation because of capability_type mishandling in register_post_type.
CVE-2018-20978 1 Soflyy 1 Wp All Import 2024-11-21 N/A
The wp-all-import plugin before 3.4.7 for WordPress has XSS.
CVE-2018-20976 2 Linux, Redhat 6 Linux Kernel, Enterprise Mrg, Rhel Aus and 3 more 2024-11-21 N/A
An issue was discovered in fs/xfs/xfs_super.c in the Linux kernel before 4.18. A use after free exists, related to xfs_fs_fill_super failure.
CVE-2018-20975 1 Fatfreecrm 1 Fat Free Crm 2024-11-21 N/A
Fat Free CRM before 0.18.1 has XSS in the tags_helper in app/helpers/tags_helper.rb.
CVE-2018-20974 1 Joomsky 1 Js Job Manager 2024-11-21 N/A
The js-jobs plugin before 1.0.7 for WordPress has CSRF.
CVE-2018-20973 1 Codeermeneer 1 Companion Auto Update 2024-11-21 N/A
The companion-auto-update plugin before 3.2.1 for WordPress has local file inclusion.
CVE-2018-20972 1 Codeermeneer 1 Companion Auto Update 2024-11-21 N/A
The companion-auto-update plugin before 3.2.1 for WordPress has CSRF.
CVE-2018-20971 1 Churchadminplugin 1 Church Admin 2024-11-21 N/A
The church-admin plugin before 1.2550 for WordPress has CSRF affecting the upload of a bible reading plan.
CVE-2018-20970 1 Bestwebsoft 1 Pdf \& Print 2024-11-21 N/A
The pdf-print plugin before 2.0.3 for WordPress has multiple XSS issues.
CVE-2018-20969 2 Gnu, Redhat 6 Patch, Enterprise Linux, Rhel Aus and 3 more 2024-11-21 N/A
do_ed_script in pch.c in GNU patch through 2.7.6 does not block strings beginning with a ! character. NOTE: this is the same commit as for CVE-2019-13638, but the ! syntax is specific to ed, and is unrelated to a shell metacharacter.
CVE-2018-20968 1 Smackcoders 1 Ultimate Exporter 2024-11-21 N/A
The wp-ultimate-exporter plugin before 1.4.2 for WordPress has CSRF.