Filtered by vendor Wordpress
Subscriptions
Total
11488 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-54269 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Missing Authorization vulnerability in Ninja Team Notibar notibar allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Notibar: from n/a through <= 2.1.4. | ||||
| CVE-2024-54261 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in HK Digital Agency LLC TAX SERVICE Electronic HDM virtual-hdm-for-taxservice-am allows SQL Injection.This issue affects TAX SERVICE Electronic HDM: from n/a through <= 1.2.2. | ||||
| CVE-2024-54260 | 2 Blazethemes, Wordpress | 2 News Kit Elementor Addons, Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in blazethemes News Kit Elementor Addons news-kit-elementor-addons allows Stored XSS.This issue affects News Kit Elementor Addons: from n/a through <= 1.4.2. | ||||
| CVE-2024-54258 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Anzar Ahmed Ni CRM Lead ni-crm-lead allows SQL Injection.This issue affects Ni CRM Lead: from n/a through <= 1.3.0. | ||||
| CVE-2024-54256 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Missing Authorization vulnerability in Seerox Easy Blocks pro easy-blocks-pro allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Easy Blocks pro: from n/a through <= 1.0.21. | ||||
| CVE-2024-54251 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Missing Authorization vulnerability in prodigycommerce Prodigy Commerce prodigy-commerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Prodigy Commerce: from n/a through <= 3.1.2. | ||||
| CVE-2024-54250 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in prodigycommerce Prodigy Commerce prodigy-commerce allows DOM-Based XSS.This issue affects Prodigy Commerce: from n/a through <= 3.0.8. | ||||
| CVE-2024-54246 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Think201 FAQs faqs allows Stored XSS.This issue affects FAQs: from n/a through <= 1.0.2. | ||||
| CVE-2024-54245 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Think201 Clients clients allows Stored XSS.This issue affects Clients: from n/a through <= 1.1.4. | ||||
| CVE-2024-54244 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Think201 Easy Replace easy-replace allows Stored XSS.This issue affects Easy Replace: from n/a through <= 1.3. | ||||
| CVE-2024-54243 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Think201 Echoza echoza allows Stored XSS.This issue affects Echoza: from n/a through <= 0.1.1. | ||||
| CVE-2024-54242 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Missing Authorization vulnerability in appsbd Simple Notification simple-notification allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Simple Notification: from n/a through <= 1.3. | ||||
| CVE-2024-54239 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Missing Authorization vulnerability in dugudlabs Eyewear prescription form eyewear-prescription-form allows Privilege Escalation.This issue affects Eyewear prescription form: from n/a through <= 4.0.18. | ||||
| CVE-2024-54237 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Anzar Ahmed Ni CRM Lead ni-crm-lead allows Reflected XSS.This issue affects Ni CRM Lead: from n/a through <= 1.3.0. | ||||
| CVE-2024-54234 | 2 Wordpress, Wp-buy | 2 Wordpress, Limit Login Attempts | 2026-04-01 | N/A |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in wp-buy Limit Login Attempts wp-limit-failed-login-attempts allows SQL Injection.This issue affects Limit Login Attempts: from n/a through <= 5.5. | ||||
| CVE-2024-54226 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Cross-Site Request Forgery (CSRF) vulnerability in karlkiesinger Country Blocker country-blocker allows Stored XSS.This issue affects Country Blocker: from n/a through <= 3.2. | ||||
| CVE-2024-54220 | 2 Roninwp, Wordpress | 2 Fat Services Booking, Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in roninwp FAT Services Booking fat-services-booking allows Stored XSS.This issue affects FAT Services Booking: from n/a through <= 5.6. | ||||
| CVE-2024-54219 | 2 Thehp, Wordpress | 2 Aio Contact, Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in thehp AIO Contact aio-contact.This issue affects AIO Contact: from n/a through <= 2.8.1. | ||||
| CVE-2024-54209 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPFactory Awesome Shortcodes awesome-shortcodes allows Reflected XSS.This issue affects Awesome Shortcodes: from n/a through <= 1.7.2. | ||||
| CVE-2024-54208 | 1 Wordpress | 1 Wordpress | 2026-04-01 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Joni Halabi Block Controller block-controller allows Reflected XSS.This issue affects Block Controller: from n/a through <= 1.4.3. | ||||