Alfie – Feed Plugin CVEs and Security Vulnerabilities

Search

Expected end of text, found '–' (at char 32), (line:1, col:33)

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (347351 CVEs found)

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2024-34436	1 Sktthemes	1 Skt Addons For Elementor	2026-04-28	6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in SKT Themes SKT Addons for Elementor allows Stored XSS.This issue affects SKT Addons for Elementor: from n/a through 1.8.
CVE-2024-34432	1 Kitforest	1 Better Elementor Addons	2026-04-28	6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in BetterAddons Better Elementor Addons better-elementor-addons allows Stored XSS.This issue affects Better Elementor Addons: from n/a through 1.4.4.
CVE-2024-34417	2 Toidicode.com, Wordpress	2 Viet Nam Affiliate, Wordpress	2026-04-28	5.9 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Toidicode.Com (thanhtaivtt) Viet Nam Affiliate allows Stored XSS.This issue affects Viet Nam Affiliate: from n/a through 1.0.0.
CVE-2024-34416	1 Wordpress	1 Wordpress	2026-04-28	9.1 Critical
Unrestricted Upload of File with Dangerous Type vulnerability in Pk Favicon Manager.This issue affects Pk Favicon Manager: from n/a through 2.1.
CVE-2024-34388	1 Wordpress	1 Wordpress	2026-04-28	7.5 High
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Scribit GDPR Compliance.This issue affects GDPR Compliance: from n/a through 1.2.5.
CVE-2024-34374	1 Quomodosoft	1 Elementsready	2026-04-28	6.5 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in QuomodoSoft ElementsReady Addons for Elementor allows Stored XSS.This issue affects ElementsReady Addons for Elementor: from n/a through 5.8.0.
CVE-2024-34366			2026-04-28	5.9 Medium
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in AltText.Ai Download Alt Text AI allows Stored XSS.This issue affects Download Alt Text AI: from n/a through 1.3.4.
CVE-2024-33930			2026-04-28	4.7 Medium
URL Redirection to Untrusted Site ('Open Redirect') vulnerability in ILLID Share This Image.This issue affects Share This Image: from n/a through 1.97.
CVE-2024-33690	2 Jegstudio, Wordpress	2 Financio, Wordpress	2026-04-28	4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in Jegstudio Financio.This issue affects Financio: from n/a through 1.1.3.
CVE-2024-33586	1 10web	1 Photo Gallery	2026-04-28	5.3 Medium
Missing Authorization vulnerability in Photo Gallery Team Photo Gallery by 10Web.This issue affects Photo Gallery by 10Web: from n/a through 1.8.20.
CVE-2024-33575	1 Usermeta	1 User Meta User Profile Builder And User Management	2026-04-28	5.3 Medium
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in User Meta user-meta.This issue affects User Meta: from n/a through 3.0.
CVE-2024-33568	1 Bdthemes	1 Element Pack	2026-04-28	8.5 High
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal'), Deserialization of Untrusted Data vulnerability in BdThemes Element Pack Pro allows Path Traversal, Object Injection.This issue affects Element Pack Pro: from n/a before 7.19.3.
CVE-2024-32955	2 Foliovision, Wordpress	2 Fv Flowplayer Video Player, Wordpress	2026-04-28	4.9 Medium
Server-Side Request Forgery (SSRF) vulnerability in Foliovision FV Flowplayer Video Player.This issue affects FV Flowplayer Video Player: from n/a through 7.5.43.7212.
CVE-2024-32953	1 Tribulant	1 Newsletters	2026-04-28	7.5 High
Insertion of Sensitive Information into Log File vulnerability in Newsletters.This issue affects Newsletters: from n/a through 4.9.5.
CVE-2024-32952	1 Wordpress	1 Max Addons Pro For Bricks	2026-04-28	7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in BloomPixel Max Addons Pro for Bricks allows Reflected XSS.This issue affects Max Addons Pro for Bricks: from n/a through 1.6.1.
CVE-2024-32950	1 Wordpress	1 Wordpress	2026-04-28	7.1 High
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in DeBAAT WP Media Category Management allows Reflected XSS.This issue affects WP Media Category Management: from n/a through 2.2.
CVE-2024-32948	2 Armemberplugin, Reputeinfosystems	2 Armember, Armember	2026-04-28	9.1 Critical
Missing Authorization vulnerability in Repute Infosystems ARMember.This issue affects ARMember: from n/a through 4.0.28.
CVE-2024-32810	1 Shortpixel	1 Shortpixel Critical Css	2026-04-28	7.6 High
Missing Authorization vulnerability in ShortPixel ShortPixel Critical CSS.This issue affects ShortPixel Critical CSS: from n/a through 1.0.2.
CVE-2024-32773	1 Wproyal	1 Royal Elementor Kit	2026-04-28	4.3 Medium
Cross-Site Request Forgery (CSRF) vulnerability in WP Royal Royal Elementor Kit.This issue affects Royal Elementor Kit: from n/a through 1.0.116.
CVE-2024-32726	2 Buffercode, Wordpress	2 Frontend Dashboard, Wordpress	2026-04-28	7.5 High
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in vinoth06. Frontend Dashboard.This issue affects Frontend Dashboard: from n/a through 2.2.2.

« first previous Page 80 of 17368. next last »