Total
9190 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-51632 | 2026-04-23 | 7.1 High | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Sam Hoe SH Slideshow sh-slideshow allows Stored XSS.This issue affects SH Slideshow: from n/a through <= 4.3. | ||||
| CVE-2024-51631 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 7.1 High |
| Cross-Site Request Forgery (CSRF) vulnerability in Md Eftakhairul Islam Sticky Social Bar sticky-social-bar allows Cross Site Request Forgery.This issue affects Sticky Social Bar: from n/a through <= 2.0. | ||||
| CVE-2024-51630 | 2026-04-23 | 7.1 High | ||
| Cross-Site Request Forgery (CSRF) vulnerability in Lars Schenk Responsive Flickr Gallery responsive-flickr-gallery allows Stored XSS.This issue affects Responsive Flickr Gallery: from n/a through <= 1.3.1. | ||||
| CVE-2024-50534 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 7.1 High |
| Cross-Site Request Forgery (CSRF) vulnerability in techdabang World Prayer Time world-prayer-time allows Stored XSS.This issue affects World Prayer Time: from n/a through <= 2.0. | ||||
| CVE-2024-50533 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 7.1 High |
| Cross-Site Request Forgery (CSRF) vulnerability in David Garcia Domain Sharding domain-sharding allows Stored XSS.This issue affects Domain Sharding: from n/a through <= 1.2.1. | ||||
| CVE-2024-49685 | 1 Smashballoon | 1 Custom Twitter Feeds | 2026-04-23 | 5.4 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in Syed Balkhi Custom Twitter Feeds (Tweets Widget) custom-twitter-feeds allows Cross Site Request Forgery.This issue affects Custom Twitter Feeds (Tweets Widget): from n/a through <= 2.2.3. | ||||
| CVE-2024-49674 | 1 Lukas Huser | 1 Ekc Tournament Manager | 2026-04-23 | 9.6 Critical |
| Cross-Site Request Forgery (CSRF) vulnerability in lukashuser EKC Tournament Manager ekc-tournament-manager allows Upload a Web Shell to a Web Server.This issue affects EKC Tournament Manager: from n/a through <= 2.2.1. | ||||
| CVE-2024-49672 | 1 Gief | 1 Google Docs Rsvp | 2026-04-23 | 7.1 High |
| Cross-Site Request Forgery (CSRF) vulnerability in giffordcheung Google Docs RSVP google-docs-rsvp-guestlist allows Stored XSS.This issue affects Google Docs RSVP: from n/a through <= 2.0.1. | ||||
| CVE-2024-49629 | 1 Androidbubbles | 1 Endless Posts Navigation | 2026-04-23 | 7.1 High |
| Cross-Site Request Forgery (CSRF) vulnerability in Fahad Mahmood Endless Posts Navigation endless-posts-navigation allows Stored XSS.This issue affects Endless Posts Navigation: from n/a through <= 2.2.7. | ||||
| CVE-2024-49628 | 1 Whiletrue | 1 Most And Least Read Posts Widget | 2026-04-23 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in whiletrue Most And Least Read Posts Widget most-and-least-read-posts-widget allows Cross Site Request Forgery.This issue affects Most And Least Read Posts Widget: from n/a through <= 2.5.18. | ||||
| CVE-2024-49622 | 1 Apa | 1 Apa Banner Slider | 2026-04-23 | 8.2 High |
| Cross-Site Request Forgery (CSRF) vulnerability in aatmaadhikari Apa Banner Slider apa-banner-slider allows SQL Injection.This issue affects Apa Banner Slider: from n/a through <= 1.0.0. | ||||
| CVE-2024-49621 | 1 Apa | 1 Apa Register Newsletter Form | 2026-04-23 | 8.2 High |
| Cross-Site Request Forgery (CSRF) vulnerability in aatmaadhikari APA Register Newsletter Form apa-register-newsletter-form allows SQL Injection.This issue affects APA Register Newsletter Form: from n/a through <= 1.0.0. | ||||
| CVE-2024-49617 | 1 Bhaskardhote | 1 Back Link Tracker | 2026-04-23 | 8.2 High |
| Cross-Site Request Forgery (CSRF) vulnerability in anciwasim Back Link Tracker back-link-tracker allows Blind SQL Injection.This issue affects Back Link Tracker: from n/a through <= 1.0.0. | ||||
| CVE-2024-49615 | 1 Henriquerodrigues | 1 Safetyforms | 2026-04-23 | 8.2 High |
| Cross-Site Request Forgery (CSRF) vulnerability in Henrique Rodrigues SafetyForms safetymails-forms allows Blind SQL Injection.This issue affects SafetyForms: from n/a through <= 1.0.0. | ||||
| CVE-2024-49605 | 1 Avchat.net | 1 Avchat Video Chat | 2026-04-23 | 7.1 High |
| Cross-Site Request Forgery (CSRF) vulnerability in Stefan Nour AVChat Video Chat avchat-3 allows Stored XSS.This issue affects AVChat Video Chat: from n/a through <= 2.2. | ||||
| CVE-2024-49335 | 1 Edush Maxim | 1 Googledrive Folder List | 2026-04-23 | 7.1 High |
| Cross-Site Request Forgery (CSRF) vulnerability in sh4d0w28 GoogleDrive folder list googledrive-folder-list allows Stored XSS.This issue affects GoogleDrive folder list: from n/a through <= 2.2.2. | ||||
| CVE-2024-49313 | 1 Wordpress | 1 Wordpress | 2026-04-23 | 7.1 High |
| Cross-Site Request Forgery (CSRF) vulnerability in rudestan VKontakte Wall Post vkontakte-wall-post allows Stored XSS.This issue affects VKontakte Wall Post: from n/a through <= 2.0. | ||||
| CVE-2024-49306 | 1 Wp-buy | 1 Wp Content Copy Protection \& No Right Click | 2026-04-23 | 4.3 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in wp-buy WP Content Copy Protection & No Right Click wp-content-copy-protector allows Cross Site Request Forgery.This issue affects WP Content Copy Protection & No Right Click: from n/a through <= 3.5.9. | ||||
| CVE-2024-49304 | 2 Pinpoint.world, Wordpress | 2 Pinpoint Booking System, Wordpress | 2026-04-23 | 5.4 Medium |
| Cross-Site Request Forgery (CSRF) vulnerability in DOTonPAPER Pinpoint Booking System booking-system allows Stored XSS.This issue affects Pinpoint Booking System: from n/a through <= 2.9.9.5.7. | ||||
| CVE-2024-49294 | 2026-04-23 | 4.3 Medium | ||
| Cross-Site Request Forgery (CSRF) vulnerability in magepeopleteam Bus Ticket Booking with Seat Reservation bus-ticket-booking-with-seat-reservation allows Cross Site Request Forgery.This issue affects Bus Ticket Booking with Seat Reservation: from n/a through <= 5.4.3. | ||||