ReportizFlow
Filtered by vendor
Subscriptions
Total
346333 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-47324 | 1 Ex-themes | 1 Wp Timeline | 2026-04-23 | 7.5 High |
| Path Traversal: '.../...//' vulnerability in Ex-Themes WP Timeline – Vertical and Horizontal timeline plugin wp-timelines.This issue affects WP Timeline – Vertical and Horizontal timeline plugin: from n/a through <= 3.6.7. | ||||
| CVE-2024-47323 | 1 Ex-themes | 1 Wp Timeline | 2026-04-23 | 8.1 High |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Ex-Themes WP Timeline – Vertical and Horizontal timeline plugin wp-timelines.This issue affects WP Timeline – Vertical and Horizontal timeline plugin: from n/a through <= 3.6.7. | ||||
| CVE-2024-47322 | 2026-04-23 | 7.1 High | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Ex-Themes WP Timeline – Vertical and Horizontal timeline plugin wp-timelines allows Reflected XSS.This issue affects WP Timeline – Vertical and Horizontal timeline plugin: from n/a through <= 3.6.7. | ||||
| CVE-2024-47321 | 1 Androidbubbles | 1 Wp Datepicker | 2026-04-23 | 6.5 Medium |
| Missing Authorization vulnerability in Fahad Mahmood WP Datepicker wp-datepicker.This issue affects WP Datepicker: from n/a through <= 2.1.1. | ||||
| CVE-2024-47320 | 2026-04-23 | 7.1 High | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Mark Westguard WS Form LITE ws-form allows Stored XSS.This issue affects WS Form LITE: from n/a through <= 1.9.238. | ||||
| CVE-2024-47319 | 1 Bitapps | 1 Bit Form | 2026-04-23 | 8 High |
| Unrestricted Upload of File with Dangerous Type vulnerability in Bit Apps Bit Form bit-form.This issue affects Bit Form: from n/a through <= 2.13.10. | ||||
| CVE-2024-47318 | 1 Magazine3 | 1 Pwa For Wp \& Amp | 2026-04-23 | 4.3 Medium |
| Missing Authorization vulnerability in Magazine3 PWA for WP & AMP pwa-for-wp.This issue affects PWA for WP & AMP: from n/a through <= 1.7.72. | ||||
| CVE-2024-47317 | 1 Wpquads | 1 Ads | 2026-04-23 | 4.3 Medium |
| Missing Authorization vulnerability in Ads by WPQuads Ads by WPQuads quick-adsense-reloaded.This issue affects Ads by WPQuads: from n/a through <= 2.0.84. | ||||
| CVE-2024-47316 | 1 Salonbookingsystem | 1 Salon Booking System | 2026-04-23 | 4.3 Medium |
| Authorization Bypass Through User-Controlled Key vulnerability in Dimitri Grassi Salon booking system salon-booking-system.This issue affects Salon booking system: from n/a through <= 10.9. | ||||
| CVE-2024-47315 | 1 Givewp | 1 Givewp | 2026-04-23 | 5.4 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in StellarWP GiveWP give.This issue affects GiveWP: from n/a through <= 3.15.1. | ||||
| CVE-2024-47314 | 1 Sunshinephotocart | 1 Sunshine Photo Cart | 2026-04-23 | 7.1 High |
| Missing Authorization vulnerability in sunshinephotocart Sunshine Photo Cart sunshine-photo-cart allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Sunshine Photo Cart: from n/a through <= 3.2.8. | ||||
| CVE-2024-47313 | 1 Catchthemes | 1 Catch Base | 2026-04-23 | 5.1 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in catchthemes Catch Base catch-base allows Stored XSS.This issue affects Catch Base: from n/a through <= 3.4.6. | ||||
| CVE-2024-47312 | 2 Wordpress, Wpgrim | 2 Wordpress, Classic Editor And Classic Widgets | 2026-04-23 | 8.5 High |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in WP Grim Classic Editor and Classic Widgets classic-editor-and-classic-widgets allows SQL Injection.This issue affects Classic Editor and Classic Widgets: from n/a through <= 1.4.1. | ||||
| CVE-2024-47311 | 1 Kraftplugins | 1 Wheel Of Life | 2026-04-23 | 5.3 Medium |
| Missing Authorization vulnerability in Kraft Plugins Wheel of Life wheel-of-life allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Wheel of Life: from n/a through <= 1.1.8. | ||||
| CVE-2024-47310 | 2 Ari-soft, Wordpress | 2 Ari Fancy Lightbox, Wordpress | 2026-04-23 | 6.5 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in arisoft ARI Fancy Lightbox ari-fancy-lightbox allows Stored XSS.This issue affects ARI Fancy Lightbox: from n/a through <= 1.3.17. | ||||
| CVE-2024-47309 | 1 Condless | 1 Cities Shopping Zones For Woocommerce | 2026-04-23 | 6.6 Medium |
| Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Condless Cities Shipping Zones for WooCommerce cities-shipping-zones-for-woocommerce allows PHP Local File Inclusion.This issue affects Cities Shipping Zones for WooCommerce: from n/a through <= 1.2.7. | ||||
| CVE-2024-47308 | 1 Templately | 1 Templately | 2026-04-23 | 6.5 Medium |
| Missing Authorization vulnerability in WPDeveloper Templately templately.This issue affects Templately: from n/a through <= 3.1.2. | ||||
| CVE-2026-23774 | 1 Dell | 3 Data Domain Operating System, Powerprotect Data Domain, Powerprotect Dp Series Appliance | 2026-04-23 | 7.2 High |
| Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release versions 7.7.1.0 through 8.5, LTS2025 release version 8.3.1.0 through 8.3.1.10, LTS2024 release versions 7.13.1.0 through 7.13.1.40, contain an OS command injection vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to arbitrary command execution. | ||||
| CVE-2024-47307 | 2026-04-23 | 6.5 Medium | ||
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Essential Plugin Meta slider and carousel with lightbox meta-slider-and-carousel-with-lightbox allows Stored XSS.This issue affects Meta slider and carousel with lightbox: from n/a through <= 2.0.1. | ||||
| CVE-2024-47306 | 2 Copy Content Protection Team, Wordpress | 2 Secure Copy Content Protection And Content Locking, Wordpress | 2026-04-23 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Ays Pro Secure Copy Content Protection and Content Locking secure-copy-content-protection-subscribe-to-view allows Stored XSS.This issue affects Secure Copy Content Protection and Content Locking: from n/a through <= 4.2.3. | ||||