ReportizFlow
Filtered by vendor
Subscriptions
Total
346333 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-49332 | 2 Giveaway Boost, Giveawayboost | 2 Giveaway Boost, Giveaway Boost | 2026-04-23 | 9.8 Critical |
| Deserialization of Untrusted Data vulnerability in giveawayboost Giveaway Boost giveaway-boost allows Object Injection.This issue affects Giveaway Boost: from n/a through <= 2.1.4. | ||||
| CVE-2024-49331 | 2 Myriad Solutionz, Myriadsolutionz | 2 Property Lot Management System, Property Lot Management System | 2026-04-23 | 9.9 Critical |
| Unrestricted Upload of File with Dangerous Type vulnerability in Myriad Solutionz Property Lot Management System plms allows Upload a Web Shell to a Web Server.This issue affects Property Lot Management System: from n/a through <= 4.2.38. | ||||
| CVE-2024-49330 | 1 Brx8r | 1 Nice Backgrounds | 2026-04-23 | 10 Critical |
| Unrestricted Upload of File with Dangerous Type vulnerability in brx8r Nice Backgrounds nicebackgrounds allows Upload a Web Shell to a Web Server.This issue affects Nice Backgrounds: from n/a through <= 1.0. | ||||
| CVE-2024-49329 | 2 Vivek Tamrakar, Vivektamrakar | 2 Wp Rest Api Fns, Wp Rest Api Fns | 2026-04-23 | 10 Critical |
| Unrestricted Upload of File with Dangerous Type vulnerability in vivek2tamrakar WP REST API FNS rest-api-fns allows Upload a Web Shell to a Web Server.This issue affects WP REST API FNS: from n/a through <= 1.0.0. | ||||
| CVE-2024-49328 | 2 Vivek Tamrakar, Vivektamrakar | 2 Wp Rest Api Fns, Wp Rest Api Fns | 2026-04-23 | 9.8 Critical |
| Authentication Bypass Using an Alternate Path or Channel vulnerability in vivek2tamrakar WP REST API FNS rest-api-fns allows Authentication Bypass.This issue affects WP REST API FNS: from n/a through <= 1.0.0. | ||||
| CVE-2024-49327 | 1 Asepbagjapriandana | 1 Woostagram Connect | 2026-04-23 | 10 Critical |
| Unrestricted Upload of File with Dangerous Type vulnerability in bepitulaz Woostagram Connect woostagram-connect allows Upload a Web Shell to a Web Server.This issue affects Woostagram Connect: from n/a through <= 1.0.2. | ||||
| CVE-2024-49326 | 1 Vasiliskerasiotis | 1 Affiliator | 2026-04-23 | 10 Critical |
| Unrestricted Upload of File with Dangerous Type vulnerability in Vasileios Kerasiotis Affiliator affiliator-lite allows Upload a Web Shell to a Web Server.This issue affects Affiliator: from n/a through <= 2.1.3. | ||||
| CVE-2024-49325 | 1 Wpdiscover | 1 Photo Gallery Builder | 2026-04-23 | 4.3 Medium |
| Missing Authorization vulnerability in wpdiscover Photo Gallery Builder photo-gallery-builder allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Photo Gallery Builder: from n/a through <= 3.0. | ||||
| CVE-2024-49324 | 1 Sovratec | 2 Case Management, Sovratec Case Management | 2026-04-23 | 10 Critical |
| Unrestricted Upload of File with Dangerous Type vulnerability in sovratecdev Sovratec Case Management sovratec-case-management allows Upload a Web Shell to a Web Server.This issue affects Sovratec Case Management: from n/a through <= 1.0.0. | ||||
| CVE-2024-49323 | 1 Sourav | 1 All In One Slider | 2026-04-23 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Shahriar Alam All in One Slider all-in-one-slider allows Reflected XSS.This issue affects All in One Slider: from n/a through <= 1.1. | ||||
| CVE-2024-49320 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Dennis Encyclopedia / Glossary / Wiki encyclopedia-lexicon-glossary-wiki-dictionary allows Reflected XSS.This issue affects Encyclopedia / Glossary / Wiki: from n/a through <= 1.7.60. | ||||
| CVE-2024-49319 | 2026-04-23 | 6.5 Medium | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in B.M. Rafiul Alam Awesome Contact Form7 for Elementor awesome-contact-form7-for-elementor.This issue affects Awesome Contact Form7 for Elementor: from n/a through <= 3.0. | ||||
| CVE-2024-49318 | 1 Olsonsp4c | 1 My Reading Library | 2026-04-23 | 9.8 Critical |
| Deserialization of Untrusted Data vulnerability in Scott My Reading Library my-reading-library allows Object Injection.This issue affects My Reading Library: from n/a through <= 1.0. | ||||
| CVE-2024-49316 | 1 Wordpress | 1 Wordpress | 2026-04-23 | N/A |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in zodiac Akismet htaccess writer akismet-htaccess-writer allows Reflected XSS.This issue affects Akismet htaccess writer: from n/a through <= 1.0.1. | ||||
| CVE-2024-49313 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 7.1 High |
| Cross-Site Request Forgery (CSRF) vulnerability in rudestan VKontakte Wall Post vkontakte-wall-post allows Stored XSS.This issue affects VKontakte Wall Post: from n/a through <= 2.0. | ||||
| CVE-2024-49312 | 1 Edwiser | 1 Bridge | 2026-04-23 | 4.9 Medium |
| Server-Side Request Forgery (SSRF) vulnerability in WisdmLabs Edwiser Bridge edwiser-bridge.This issue affects Edwiser Bridge: from n/a through <= 3.0.7. | ||||
| CVE-2024-49311 | 1 Edwiser | 1 Bridge | 2026-04-23 | 6.5 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WisdmLabs Edwiser Bridge edwiser-bridge allows Stored XSS.This issue affects Edwiser Bridge: from n/a through <= 3.0.7. | ||||
| CVE-2024-49310 | 2 Themesflat, Wordpress | 2 Themesflat Addons For Elementor, Wordpress | 2026-04-23 | 6.5 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Themesflat themesflat-addons-for-elementor themesflat-addons-for-elementor allows Stored XSS.This issue affects themesflat-addons-for-elementor: from n/a through <= 2.2.0. | ||||
| CVE-2024-49309 | 2026-04-23 | 7.1 High | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in omarfolghe Digitally digitally allows Reflected XSS.This issue affects Digitally: from n/a through <= 1.0.8. | ||||
| CVE-2024-49308 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Toast Plugins Animator scroll-triggered-animations allows Reflected XSS.This issue affects Animator: from n/a through <= 3.0.15. | ||||