CVE Vulnerability Database

Complete database of CVE vulnerabilities. Track critical security threats, exploits and patches. Updated daily from NVD NIST.

KEV (262)

CVE-2026-24971

9.8 CRITICAL 9.8

Incorrect Privilege Assignment vulnerability in Elated-Themes Search & Go searchgo allows Privilege Escalation.This issue affects Search & Go: from n/a through <= 2.8.

25 Mar 2026

Details

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in designingmedia Energox energox allows Path Traversal.This issue affects Energox: from n/a through <= 1.2.

25 Mar 2026

Details

CVE-2026-24969

7.7 HIGH 7.7

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in designingmedia Instant VA instantva allows Path Traversal.This issue affects Instant VA: from n/a through <= 1.0.1.

25 Mar 2026

Details

CVE-2026-24968

9.8 CRITICAL 9.8

Incorrect Privilege Assignment vulnerability in Xagio SEO Xagio SEO xagio-seo allows Privilege Escalation.This issue affects Xagio SEO: from n/a through <= 7.1.0.30.

25 Mar 2026

Details

CVE-2026-24964

6.4 MEDIUM 6.4

Server-Side Request Forgery (SSRF) vulnerability in Wasiliy Strecker / ContestGallery developer Contest Gallery contest-gallery allows Server Side Request Forgery.This issue affects Contest Gallery: from n/a through <= 28.1.2.1.

25 Mar 2026 Server-Side

Details

CVE-2026-24391

7.1 HIGH 7.1

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ThemeMakers Car Dealer cardealer allows Reflected XSS.This issue affects Car Dealer: from n/a through <= 1.6.7.

25 Mar 2026

Details

CVE-2026-24382

7.5 HIGH 7.5

Missing Authorization vulnerability in wproyal News Magazine X news-magazine-x allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects News Magazine X: from n/a through <= 1.2.50.

25 Mar 2026

Details

CVE-2026-24378

9.8 CRITICAL 9.8

Deserialization of Untrusted Data vulnerability in Metagauss EventPrime eventprime-event-calendar-management allows Object Injection.This issue affects EventPrime: from n/a through <= 4.2.8.0.

25 Mar 2026 Deserialization

Details

CVE-2026-24376

6.5 MEDIUM 6.5

Missing Authorization vulnerability in Javier Casares WPVulnerability wpvulnerability allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WPVulnerability: from n/a through <= 4.2.1.

25 Mar 2026

Details

CVE-2026-24373

8.1 HIGH 8.1

Incorrect Privilege Assignment vulnerability in Metagauss RegistrationMagic custom-registration-form-builder-with-submission-manager allows Privilege Escalation.This issue affects RegistrationMagic: from n/a through <= 6.0.7.1.

25 Mar 2026

Details

← Previous Page 248 of 3378/3378 Next →

Statistics

Total 33777

Critical 3102

High 11534

Menu

CVE Vulnerability Database

CVE-2026-24971

CVE-2026-24970

CVE-2026-24969

CVE-2026-24968

CVE-2026-24964

CVE-2026-24391

CVE-2026-24382

CVE-2026-24378

CVE-2026-24376

CVE-2026-24373

Statistics

Editor's Choice

Menu

CVE Vulnerability Database

Statistics

Editor's Choice

Stay informed on cybersecurity