Search

Expected end of text, found '.' (at char 34), (line:1, col:35)
Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (347095 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2024-29106 1 Leap13 1 Premium Addons For Elementor 2026-04-28 6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Leap13 Premium Addons for Elementor allows Stored XSS.This issue affects Premium Addons for Elementor: from n/a through 4.10.16.
CVE-2024-29100 2 Jordy Meow, Meowapps 2 Ai-engine Chatgpt Chatbot, Ai Engine 2026-04-28 9.1 Critical
Unrestricted Upload of File with Dangerous Type vulnerability in Jordy Meow AI Engine: ChatGPT Chatbot.This issue affects AI Engine: ChatGPT Chatbot: from n/a through 2.1.4.
CVE-2024-29102 2 Hasthemes, Wordpress 2 Extensions For Cf7, Wordpress 2026-04-28 7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in HasThemes Extensions For CF7 allows Stored XSS.This issue affects Extensions For CF7: from n/a through 3.0.6.
CVE-2024-29105 2 Timersys, Wordpress 2 Wp Popups, Wordpress 2026-04-28 5.9 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Timersys WP Popups allows Stored XSS.This issue affects WP Popups: from n/a through 2.1.5.5.
CVE-2024-29094 2 Hasthemes, Wordpress 2 Ht Easy Ga4 \(google Analytics 4\), Wordpress 2026-04-28 7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in HasThemes HT Easy GA4 ( Google Analytics 4 ) allows Stored XSS.This issue affects HT Easy GA4 ( Google Analytics 4 ): from n/a through 1.1.7.
CVE-2024-29104 1 Wordpress 1 Wordpress 2026-04-28 6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Zimma Ltd. Ticket Tailor allows Stored XSS.This issue affects Ticket Tailor: from n/a through 1.10.
CVE-2024-29099 1 Evergreencontentposter 1 Evergreen Content Poster 2026-04-28 7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Evergreen Content Poster allows Reflected XSS.This issue affects Evergreen Content Poster: from n/a through 1.4.1.
CVE-2024-29103 2026-04-28 7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NinjaTeam Database for Contact Form 7 allows Stored XSS.This issue affects Database for Contact Form 7: from n/a through 3.0.6.
CVE-2024-29098 1 Wordpress 1 Wordpress 2026-04-28 6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Calameo WP Calameo allows Stored XSS.This issue affects WP Calameo: from n/a through 2.1.7.
CVE-2024-29096 1 Wordpress 1 Wordpress 2026-04-28 6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Matt Manning MJM Clinic.This issue affects MJM Clinic: from n/a through 1.1.22.
CVE-2024-29097 1 Wordpress 1 Wordpress 2026-04-28 6.3 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in PickPlugins User profile allows Stored XSS.This issue affects User profile: from n/a through 2.0.20.
CVE-2024-2906 2 Softlab, Wordpress 2 Radio Player, Wordpress 2026-04-28 6.5 Medium
Missing Authorization vulnerability in SoftLab Radio Player.This issue affects Radio Player: from n/a through 2.0.73.
CVE-2024-29092 1 Permalink Manager Lite Project 1 Permalink Manager Lite 2026-04-28 7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Maciej Bis Permalink Manager Lite allows Reflected XSS.This issue affects Permalink Manager Lite: from n/a through 2.4.3.
CVE-2024-2904 2 Extendthemes, Wordpress 2 Calliope, Wordpress 2026-04-28 4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in Extend Themes Calliope.This issue affects Calliope: from n/a through 1.0.33.
CVE-2024-29091 1 Wordpress 1 Wordpress 2026-04-28 7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Dnesscarkey WP Armour – Honeypot Anti Spam allows Reflected XSS.This issue affects WP Armour – Honeypot Anti Spam: from n/a through 2.1.13.
CVE-2024-29089 2026-04-28 6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Five Star Plugins Five Star Restaurant Menu allows Stored XSS.This issue affects Five Star Restaurant Menu: from n/a through 2.4.14.
CVE-2024-27996 1 Ays-pro 1 Survey Maker 2026-04-28 5.9 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Survey Maker team Survey Maker allows Stored XSS.This issue affects Survey Maker: from n/a through 4.0.5.
CVE-2024-27989 2026-04-28 6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in I Thirteen Web Solution WP Responsive Tabs horizontal vertical and accordion Tabs allows Stored XSS.This issue affects WP Responsive Tabs horizontal vertical and accordion Tabs: from n/a through 1.1.17.
CVE-2024-2890 1 Tumult 1 Tumult Hype Animations 2026-04-28 9.1 Critical
Unrestricted Upload of File with Dangerous Type vulnerability in Tumult Inc. Tumult Hype Animations.This issue affects Tumult Hype Animations: from n/a through 1.9.12.
CVE-2024-27992 2026-04-28 7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Link Whisper Link Whisper Free allows Reflected XSS.This issue affects Link Whisper Free: from n/a through 0.6.8.