Search Results (36978 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2024-53807 1 Wpmailster 1 Wp Mailster 2026-04-23 8.5 High
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in brandtoss WP Mailster wp-mailster allows Blind SQL Injection.This issue affects WP Mailster: from n/a through <= 1.8.16.0.
CVE-2024-53806 2 Wordpress, Wpmaspik 2 Wordpress, Maspik 2026-04-23 5.4 Medium
Missing Authorization vulnerability in yonifre Maspik – Spam blacklist contact-forms-anti-spam allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Maspik – Spam blacklist: from n/a through <= 2.2.7.
CVE-2024-53805 2 Mailster, Wpmailster 2 Mailster, Wp Mailster 2026-04-23 7.5 High
Missing Authorization vulnerability in brandtoss WP Mailster wp-mailster allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Mailster: from n/a through <= 1.8.16.0.
CVE-2024-53803 1 Wpmailster 1 Wp Mailster 2026-04-23 6.5 Medium
Missing Authorization vulnerability in brandtoss WP Mailster wp-mailster allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Mailster: from n/a through <= 1.8.16.0.
CVE-2024-53799 2026-04-23 4.3 Medium
Missing Authorization vulnerability in BAKKBONE Australia FloristPress bakkbone-florist-companion allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects FloristPress: from n/a through <= 7.3.0.
CVE-2024-53798 1 Wordpress 1 Wordpress 2026-04-23 5.4 Medium
Missing Authorization vulnerability in BAKKBONE Australia FloristPress bakkbone-florist-companion.This issue affects FloristPress: from n/a through <= 7.3.0.
CVE-2024-53795 1 Churchadminplugin 1 Church Admin 2026-04-23 5.3 Medium
Missing Authorization vulnerability in andy_moyle Church Admin church-admin allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Church Admin: from n/a through <= 5.0.8.
CVE-2024-53792 1 Kibokolabs 1 Watu Quiz 2026-04-23 8.5 High
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Bob Watu Quiz watu allows SQL Injection.This issue affects Watu Quiz: from n/a through <= 3.4.1.2.
CVE-2024-53784 2 E-goi, Wordpress 2 Smart Marketing Sms And Newsletters Forms, Wordpress 2026-04-23 4.3 Medium
Missing Authorization vulnerability in E-goi Smart Marketing SMS and Newsletters Forms smart-marketing-for-wp allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Smart Marketing SMS and Newsletters Forms: from n/a through <= 5.0.4.
CVE-2024-53783 2026-04-23 7.6 High
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Anzar Ahmed Ni WooCommerce Cost Of Goods ni-woocommerce-cost-of-goods.This issue affects Ni WooCommerce Cost Of Goods: from n/a through <= 3.2.8.
CVE-2024-53708 1 Autoquiz 1 Ai Quiz 2026-04-23 5.3 Medium
Missing Authorization vulnerability in kekotron AI Quiz ai-quiz allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects AI Quiz: from n/a through <= 1.1.
CVE-2024-52500 1 Wordpress 1 Wordpress 2026-04-23 7.2 High
Missing Authorization vulnerability in monetagwp Monetag Official Plugin monetag-official allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Monetag Official Plugin: from n/a through <= 1.1.3.
CVE-2024-52495 1 Wordpress 1 Wordpress 2026-04-23 8.5 High
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in enituretechnology Distance Based Shipping Calculator distance-based-shipping-calculator allows SQL Injection.This issue affects Distance Based Shipping Calculator: from n/a through <= 2.0.23.
CVE-2024-52485 1 Wordpress 1 Wordpress 2026-04-23 6.5 Medium
Missing Authorization vulnerability in Yudiz Solutions Ltd. WP Menu Image wp-menu-image allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Menu Image: from n/a through <= 2.2.
CVE-2024-52436 1 Wpexperts 1 Post Smtp 2026-04-23 7.6 High
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Saad Iqbal Post SMTP post-smtp allows Blind SQL Injection.This issue affects Post SMTP: from n/a through <= 2.9.9.
CVE-2024-52435 1 Wpdownloadmanager 1 Premium Packages - Sell Digital Products Securely 2026-04-23 7.6 High
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Shahjada WPDM – Premium Packages wpdm-premium-packages.This issue affects WPDM – Premium Packages: from n/a through <= 6.0.5.
CVE-2024-52434 1 Supsystic 1 Popup 2026-04-23 9.1 Critical
Deserialization of Untrusted Data vulnerability in supsystic Popup by Supsystic popup-by-supsystic allows Command Injection.This issue affects Popup by Supsystic: from n/a through <= 1.10.29.
CVE-2024-52427 2 Saso Nikolov, Vollstart 2 Event Tickets With Ticket Scanner, Event Tickets With Ticket Scanner 2026-04-23 9.9 Critical
Deserialization of Untrusted Data vulnerability in Vollstart Event Tickets with Ticket Scanner event-tickets-with-ticket-scanner allows Server Side Include (SSI) Injection.This issue affects Event Tickets with Ticket Scanner: from n/a through <= 2.3.11.
CVE-2024-52416 1 Eugenbobrowski 1 Debug Tool 2026-04-23 10 Critical
Missing Authorization vulnerability in Eugen Bobrowski Debug Tool debug-tool allows Upload a Web Shell to a Web Server.This issue affects Debug Tool: from n/a through <= 2.2.
CVE-2024-52395 1 Quantumcloud 1 Floating Buttons 2026-04-23 5.3 Medium
Missing Authorization vulnerability in QuantumCloud Floating Buttons for WooCommerce shop-assistant-for-woocommerce-jarvis allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Floating Buttons for WooCommerce: from n/a through <= 2.8.8.