Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (11921 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2024-56243 1 Wordpress 1 Wordpress 2026-04-23 4.3 Medium
Missing Authorization vulnerability in JS Morisset WPSSO Core wpsso allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WPSSO Core: from n/a through <= 18.18.1.
CVE-2024-56241 2 Wordpress, Wpkoi 2 Wordpress, Wpkoi Templates For Elementor 2026-04-23 6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in wpkoithemes WPKoi Templates for Elementor wpkoi-templates-for-elementor allows Stored XSS.This issue affects WPKoi Templates for Elementor: from n/a through <= 3.1.3.
CVE-2024-56240 1 Wordpress 1 Wordpress 2026-04-23 6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Pronamic Pronamic Google Maps pronamic-google-maps allows Stored XSS.This issue affects Pronamic Google Maps: from n/a through <= 2.3.2.
CVE-2024-56239 1 Wordpress 1 Wordpress 2026-04-23 6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in themifyme Themify Audio Dock themify-audio-dock allows Stored XSS.This issue affects Themify Audio Dock: from n/a through <= 2.0.4.
CVE-2024-56235 1 Wordpress 1 Wordpress 2026-04-23 6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Vicky Kumar Coupon coupon-lite allows DOM-Based XSS.This issue affects Coupon: from n/a through <= 1.2.2.
CVE-2024-56234 1 Wordpress 1 Wordpress 2026-04-23 5.4 Medium
Missing Authorization vulnerability in vowelweb VW Automobile Lite vw-automobile-lite allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects VW Automobile Lite: from n/a through <= 2.1.
CVE-2024-56232 1 Wordpress 1 Wordpress 2026-04-23 7.1 High
Cross-Site Request Forgery (CSRF) vulnerability in Alex Volkov WP Nice Loader wp-nice-loader allows Stored XSS.This issue affects WP Nice Loader: from n/a through <= 0.1.0.4.
CVE-2024-56231 1 Wordpress 1 Wordpress 2026-04-23 6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Debuggers Studio SaasPricing saaspricing allows DOM-Based XSS.This issue affects SaasPricing: from n/a through <= 1.2.4.
CVE-2024-56224 1 Wordpress 1 Wordpress 2026-04-23 6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ledenbeheer Ledenbeheer ledenbeheer-external-connection allows Stored XSS.This issue affects Ledenbeheer: from n/a through <= 2.1.0.
CVE-2024-56223 1 Wordpress 1 Wordpress 2026-04-23 7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Fahad Mahmood Gulri Slider gulri-slider allows Reflected XSS.This issue affects Gulri Slider: from n/a through <= 3.5.8.
CVE-2024-56219 2 Marketingfire, Wordpress 2 Widget-options, Wordpress 2026-04-23 4.3 Medium
Missing Authorization vulnerability in Marketing Fire Widget Options widget-options allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Widget Options: from n/a through <= 4.0.6.1.
CVE-2024-56218 1 Wordpress 1 Wordpress 2026-04-23 4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in sevenspark Contact Form 7 – Dynamic Text Extension contact-form-7-dynamic-text-extension allows Cross Site Request Forgery.This issue affects Contact Form 7 – Dynamic Text Extension: from n/a through <= 5.0.1.
CVE-2024-56214 1 Wordpress 1 Wordpress 2026-04-23 8.3 High
Path Traversal: '.../...//' vulnerability in DeluxeThemes Userpro userpro allows Path Traversal.This issue affects Userpro: from n/a through <= 5.1.9.
CVE-2024-56213 2 Themewinter, Wordpress 2 Eventin, Wordpress 2026-04-23 6.5 Medium
Path Traversal: '.../...//' vulnerability in Arraytics Eventin wp-event-solution allows Path Traversal.This issue affects Eventin: from n/a through <= 4.0.7.
CVE-2024-56212 1 Wordpress 1 Wordpress 2026-04-23 8.5 High
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in DeluxeThemes Userpro userpro.This issue affects Userpro: from n/a through <= 5.1.9.
CVE-2024-56211 1 Wordpress 1 Wordpress 2026-04-23 8.8 High
Missing Authorization vulnerability in DeluxeThemes Userpro userpro.This issue affects Userpro: from n/a through <= 5.1.9.
CVE-2024-56210 1 Wordpress 1 Wordpress 2026-04-23 7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in DeluxeThemes Userpro userpro allows Reflected XSS.This issue affects Userpro: from n/a through <= 5.1.9.
CVE-2024-56209 1 Wordpress 1 Wordpress 2026-04-23 7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in SeventhQueen Kleo kleo allows Reflected XSS.This issue affects Kleo: from n/a through < 5.4.4.
CVE-2024-56206 1 Wordpress 1 Wordpress 2026-04-23 8.8 High
Cross-Site Request Forgery (CSRF) vulnerability in krishankakkar gap-hub-user-role gap-hub-user-role allows Authentication Bypass.This issue affects gap-hub-user-role: from n/a through <= 3.4.1.
CVE-2024-56205 1 Wordpress 1 Wordpress 2026-04-23 9.8 Critical
Incorrect Privilege Assignment vulnerability in SunnyKai AI Magic newsletter-page-redirects allows Privilege Escalation.This issue affects AI Magic: from n/a through <= 1.0.4.