Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (12045 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2024-33932 1 Wordpress 1 Wordpress 2026-04-28 6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Vinod Dalvi Login Logout Register Menu allows Stored XSS.This issue affects Login Logout Register Menu: from n/a through 2.0.
CVE-2024-33929 2 Wordpress, Wpwax 2 Wordpress, Directorist 2026-04-28 5.3 Medium
Missing Authorization vulnerability in wpWax Directorist.This issue affects Directorist: from n/a through 7.8.6.
CVE-2024-33926 1 Wordpress 1 Wordpress 2026-04-28 6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Karl Kiesinger GWP-Histats allows Stored XSS.This issue affects GWP-Histats: from n/a through 1.0.
CVE-2024-33915 2 Bowo, Wordpress 2 Debug Log Manager, Wordpress 2026-04-28 4.3 Medium
Missing Authorization vulnerability in Bowo Debug Log Manager.This issue affects Debug Log Manager: from n/a through 2.3.1.
CVE-2024-33924 1 Wordpress 1 Wordpress 2026-04-28 7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Realtyna Realtyna Organic IDX plugin allows Reflected XSS.This issue affects Realtyna Organic IDX plugin: from n/a through 4.14.4.
CVE-2024-33925 1 Wordpress 1 Wordpress 2026-04-28 4.3 Medium
Missing Authorization vulnerability in Adrian Mörchen Embed Google Fonts.This issue affects Embed Google Fonts: from n/a through 3.1.0.
CVE-2024-33918 1 Wordpress 1 Wordpress 2026-04-28 5.9 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Maxim K AJAX Login and Registration modal popup + inline form allows Stored XSS.This issue affects AJAX Login and Registration modal popup + inline form: from n/a through 2.23.
CVE-2024-33917 2 Webtechideas, Wordpress 2 Wti Like Post, Wordpress 2026-04-28 5.3 Medium
Authentication Bypass by Spoofing vulnerability in webtechideas WTI Like Post allows Functionality Bypass.This issue affects WTI Like Post: from n/a through 1.4.6.
CVE-2024-33916 2 Machothemes, Wordpress 2 Cpo Companion, Wordpress 2026-04-28 6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in MachoThemes CPO Companion allows Stored XSS.This issue affects CPO Companion: from n/a through 1.1.0.
CVE-2024-33922 1 Wordpress 1 Wordpress 2026-04-28 5.3 Medium
Insertion of Sensitive Information into Log File vulnerability in Jordy Meow WP Media Cleaner.This issue affects WP Media Cleaner: from n/a through 6.7.2.
CVE-2024-33908 1 Wordpress 1 Wordpress 2026-04-28 5.3 Medium
Missing Authorization vulnerability in Themesgrove WidgetKit.This issue affects WidgetKit: from n/a through 2.5.0.
CVE-2024-33695 1 Wordpress 1 Wordpress 2026-04-28 5.9 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ThemeNcode Fan Page Widget by ThemeNcode allows Stored XSS.This issue affects Fan Page Widget by ThemeNcode: from n/a through 2.0.
CVE-2024-33692 1 Wordpress 1 Wordpress 2026-04-28 5.9 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Satrya Smart Recent Posts Widget allows Stored XSS.This issue affects Smart Recent Posts Widget: from n/a through 1.0.3.
CVE-2024-33682 1 Wordpress 1 Gdpr Compliance 2026-04-28 5.4 Medium
Cross-Site Request Forgery (CSRF) vulnerability in Cookie Information A/S WP GDPR Compliance.This issue affects WP GDPR Compliance: from n/a through 2.0.23.
CVE-2024-33688 2 Extendthemes, Wordpress 2 Teluro, Teluro Theme 2026-04-28 4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in Extend Themes Teluro.This issue affects Teluro: from n/a through 1.0.31.
CVE-2024-33646 1 Wordpress 1 Wordpress 2026-04-28 7.1 High
Cross-Site Request Forgery (CSRF) vulnerability in Toast Plugins Sticky Anything allows Cross-Site Scripting (XSS).This issue affects Sticky Anything: from n/a through 2.1.5.
CVE-2024-33645 1 Wordpress 1 Wordpress 2026-04-28 7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Eftakhairul Islam & Sirajus Salayhin Easy Set Favicon allows Reflected XSS.This issue affects Easy Set Favicon: from n/a through 1.1.
CVE-2024-33643 1 Wordpress 1 Wordpress 2026-04-28 5.9 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Kailey Lampert Advanced Most Recent Posts Mod allows Stored XSS.This issue affects Advanced Most Recent Posts Mod: from n/a through 1.6.5.2.
CVE-2024-33641 1 Wordpress 1 Wordpress 2026-04-28 5.4 Medium
Deserialization of Untrusted Data vulnerability in Team Yoast Custom field finder.This issue affects Custom field finder: from n/a through 0.3.
CVE-2024-33637 1 Wordpress 1 Wordpress 2026-04-28 7.5 High
Insertion of Sensitive Information into Log File vulnerability in Solid Plugins Solid Affiliate.This issue affects Solid Affiliate: from n/a through 1.9.1.