Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (45987 CVEs found)

Export CSV
CVE Vendors Products Updated CVSS v3.1
CVE-2024-33630 1 Piotnet 1 Piotnet Addons For Elementor 2026-04-28 6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Piotnet Piotnet Addons For Elementor allows Stored XSS.This issue affects Piotnet Addons For Elementor: from n/a through 2.4.26.
CVE-2024-33633 1 Piotnet 1 Piotnet Forms 2026-04-28 7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Piotnet Piotnet Addons For Elementor Pro allows Reflected XSS.This issue affects Piotnet Addons For Elementor Pro: from n/a through 7.1.17.
CVE-2024-33598 2 Twinpictures, Wordpress 2 Annual Archive, Wordpress 2026-04-28 5.9 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Twinpictures Annual Archive allows Stored XSS.This issue affects Annual Archive: from n/a through 1.6.0.
CVE-2024-33562 1 8theme 1 Xstore 2026-04-28 7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in 8theme XStore allows Reflected XSS.This issue affects XStore: from n/a through 9.3.5.
CVE-2024-33548 2 Aa-team, Wordpress 2 Wzone, Wordpress 2026-04-28 7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in AA-Team WZone allows Reflected XSS.This issue affects WZone: from n/a through 14.0.10.
CVE-2024-33554 1 8theme 1 Xstore Core 2026-04-28 7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in 8theme XStore Core allows Reflected XSS.This issue affects XStore Core: from n/a through 5.3.5.
CVE-2024-33537 2 Themehorse, Wordpress 2 Wp Portfolio, Wordpress 2026-04-28 6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Theme Horse WP Portfolio allows Stored XSS.This issue affects WP Portfolio: from n/a through 2.4.
CVE-2024-33539 1 Wpzoom 1 Wpzoom Elementor Addons 2026-04-28 6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPZOOM WPZOOM Addons for Elementor (Templates, Widgets) allows Stored XSS.This issue affects WPZOOM Addons for Elementor (Templates, Widgets): from n/a through 1.1.35.
CVE-2024-33540 1 Wordpress 1 Wordpress 2026-04-28 6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ThemeGrill ColorNews allows Stored XSS.This issue affects ColorNews: from n/a through 1.2.6.
CVE-2024-32833 1 Wordpress 1 Wordpress 2026-04-28 5.9 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Nick Halsey List Custom Taxonomy Widget allows Stored XSS.This issue affects List Custom Taxonomy Widget: from n/a through 4.1.
CVE-2024-32834 2026-04-28 5.9 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WebToffee WooCommerce Shipping Label allows Stored XSS.This issue affects WooCommerce Shipping Label: from n/a through 2.3.8.
CVE-2024-32831 1 Wordpress 1 Wordpress 2026-04-28 6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Lorna Timbah (webgrrrl) Accessibility Widget allows Stored XSS.This issue affects Accessibility Widget: from n/a through 2.2.
CVE-2024-32800 1 Felixmoira 1 Popup More Popups\, Lightboxes\, And More Popup Modules 2026-04-28 6.5 Medium
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Felix Moira Popup More Popups allows Stored XSS.This issue affects Popup More Popups: from n/a through 2.3.1.
CVE-2024-32801 1 Wordpress 1 Widget Post Slider 2026-04-28 5.9 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ShapedPlugin Widget Post Slider allows Stored XSS.This issue affects Widget Post Slider: from n/a through 1.3.5.
CVE-2024-32722 1 Wordpress 1 Wordpress 2026-04-28 5.9 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Coupon & Discount Code Reveal Button allows Stored XSS.This issue affects Coupon & Discount Code Reveal Button: from n/a through 1.2.5.
CVE-2024-32723 2026-04-28 5.9 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Code Tides Advanced Floating Content allows Stored XSS.This issue affects Advanced Floating Content: from n/a through 1.2.5.
CVE-2024-32721 1 Jegtheme 1 Jeg Elementor Kit 2026-04-28 6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Jegtheme Jeg Elementor Kit allows Stored XSS.This issue affects Jeg Elementor Kit: from n/a through 2.6.3.
CVE-2024-32707 2026-04-28 5.9 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in GhozyLab Image Slider Widget allows Stored XSS.This issue affects Image Slider Widget: from n/a through 1.1.125.
CVE-2024-32702 1 Reputeinfosystems 1 Arforms 2026-04-28 7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in reputeinfosystems ARForms arforms.This issue affects ARForms: from n/a through <= 6.4.
CVE-2024-32696 2026-04-28 6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in QuantumCloud Infographic Maker – iList allows Stored XSS.This issue affects Infographic Maker – iList: from n/a through 4.6.6.