Export limit exceeded: 365444 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (365444 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-37201 | 2026-04-15 | 4.3 Medium | ||
| Missing Authorization vulnerability in javmah Woocommerce Customers Order History allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Woocommerce Customers Order History: from n/a through 5.2.2. | ||||
| CVE-2024-37203 | 2 Laybuy, Wordpress | 2 Laybuy Payment Extension For Woocommerce, Wordpress | 2026-04-15 | 4.3 Medium |
| Missing Authorization vulnerability in Laybuy Laybuy Payment Extension for WooCommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Laybuy Payment Extension for WooCommerce: from n/a through 5.3.9. | ||||
| CVE-2024-37205 | 2026-04-15 | 5.3 Medium | ||
| Insertion of Sensitive Information into Log File vulnerability in SERVIT Software Solutions.This issue affects affiliate-toolkit: from n/a through 3.4.4. | ||||
| CVE-2024-37207 | 2 Theme4press, Wordpress | 2 Demo Awesome, Wordpress | 2026-04-15 | 5.4 Medium |
| Missing Authorization vulnerability in Theme4Press Demo Awesome allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Demo Awesome: from n/a through 1.0.2. | ||||
| CVE-2024-37208 | 1 Wordpress | 1 Wordpress | 2026-04-15 | 4.9 Medium |
| Server-Side Request Forgery (SSRF) vulnerability in Robert Macchi WP Scraper.This issue affects WP Scraper: from n/a through 5.7. | ||||
| CVE-2024-37209 | 2026-04-15 | 6.5 Medium | ||
| Access Control vulnerability in Prism IT Systems User Rights Access Manager allows . This issue affects User Rights Access Manager: from n/a through 1.1.2. | ||||
| CVE-2024-3721 | 2026-04-15 | 6.3 Medium | ||
| A vulnerability was found in TBK DVR-4104 and DVR-4216 up to 20240412 and classified as critical. This issue affects some unknown processing of the file /device.rsp?opt=sys&cmd=___S_O_S_T_R_E_A_MAX___. The manipulation of the argument mdb/mdc leads to os command injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-260573 was assigned to this vulnerability. | ||||
| CVE-2024-37214 | 2026-04-15 | 6.5 Medium | ||
| Missing Authorization vulnerability in Dropshipping Guru Ali2Woo Lite Exploiting Incorrectly Configured Access Control Security Levels, Stored XSS.This issue affects Ali2Woo Lite: from n/a through 3.3.5. | ||||
| CVE-2024-37218 | 2026-04-15 | 4.3 Medium | ||
| Missing Authorization vulnerability in WordPress Page Builder Sandwich Team Page Builder Sandwich – Front-End Page Builder allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Page Builder Sandwich – Front-End Page Builder: from n/a through 5.1.0. | ||||
| CVE-2024-3722 | 1 Wordpress | 1 Wordpress | 2026-04-15 | 5.4 Medium |
| The Swift Performance Lite plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on the ajax_handler() function in all versions up to, and including, 2.3.6.18. This makes it possible for authenticated attackers, with subscriber-level access and above, to retrieve and modify settings. | ||||
| CVE-2024-37220 | 1 Optinly | 1 Optinly | 2026-04-15 | 5.3 Medium |
| Missing Authorization vulnerability in OptinlyHQ Optinly allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Optinly: from n/a through 1.0.18. | ||||
| CVE-2024-37226 | 1 Kanbanwp | 1 Kanban Boards For Wordpress | 2026-04-15 | 5.3 Medium |
| Missing Authorization vulnerability in Kanban for WordPress Kanban Boards for WordPress allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Kanban Boards for WordPress: from n/a through 2.5.21. | ||||
| CVE-2024-3723 | 1 Vsourz | 1 Advanced Cf7 Db | 2026-04-15 | 5.3 Medium |
| The Advanced Contact form 7 DB plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.0.2 via the wp-content/uploads/advanced-cf7-upload directory. This makes it possible for unauthenticated attackers to extract sensitive data uploaded via this plugin through a form. | ||||
| CVE-2024-37232 | 1 Toddnestor | 1 Hercules Core | 2026-04-15 | 8.8 High |
| Missing Authorization vulnerability in Hercules Design Hercules Core allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Hercules Core: from n/a through 6.5. | ||||
| CVE-2024-37233 | 2026-04-15 | 4.3 Medium | ||
| Improper Authentication vulnerability in Play.Ht allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Play.Ht: from n/a through 3.6.4. | ||||
| CVE-2024-37234 | 2026-04-15 | 3.5 Low | ||
| URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Kodezen Limited Academy LMS.This issue affects Academy LMS: from n/a through 2.0.4. | ||||
| CVE-2024-37247 | 2026-04-15 | 6.5 Medium | ||
| Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in twinpictures, baden03 jQuery T(-) Countdown Widget allows Stored XSS.This issue affects jQuery T(-) Countdown Widget: from n/a through 2.3.25. | ||||
| CVE-2024-37248 | 2026-04-15 | 6.5 Medium | ||
| Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in CryoutCreations Anima allows Stored XSS.This issue affects Anima: from n/a through 1.4.1. | ||||
| CVE-2024-37249 | 2026-04-15 | 4.3 Medium | ||
| Missing Authorization vulnerability in WPEngine Inc. Advanced Custom Fields PRO allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Advanced Custom Fields PRO: from n/a through 6.3.1. | ||||
| CVE-2024-37250 | 2026-04-15 | 5.4 Medium | ||
| Missing Authorization vulnerability in WPEngine Inc. Advanced Custom Fields PRO allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Advanced Custom Fields PRO: from n/a through 6.3.1. | ||||