2021 CVE Vulnerabilities
23,431 CVEs published in 2021.
| CVE ID | Severity | CVSS | EPSS | Published | Description |
|---|---|---|---|---|---|
| CVE-2021-47957 | MEDIUM | 5.1 | 0.2% | May 16, 2026 | Cookie Law Bar 1.2.1 contains a stored cross-site scripting vulnerability that allows authenticated attackers to inject ... |
| CVE-2021-47956 | HIGH | 8.8 | 0.3% | May 16, 2026 | EgavilanMedia PHPCRUD 1.0 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate da... |
| CVE-2021-47955 | MEDIUM | 5.1 | 0.2% | May 16, 2026 | CouchCMS 2.2.1 contains a cross-site scripting vulnerability that allows authenticated attackers to execute arbitrary Ja... |
| CVE-2021-47954 | HIGH | 8.8 | 0.2% | May 16, 2026 | LayerBB 1.1.4 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queri... |
| CVE-2021-47952 | CRITICAL | 9.3 | 0.6% | May 16, 2026 | python jsonpickle 2.0.0 contains a remote code execution vulnerability that allows attackers to execute arbitrary Python... |
| CVE-2021-47942 | HIGH | 8.7 | 0.5% | May 16, 2026 | Home Assistant Community Store (HACS) prior to 1.10.0 contains a path traversal vulnerability that allows unauthenticate... |
| CVE-2021-47934 | MEDIUM | 6.9 | 0.2% | May 16, 2026 | MyBB Timeline Plugin 1.0 contains cross-site scripting vulnerabilities that allow attackers to inject malicious scripts ... |
| CVE-2021-47968 | MEDIUM | 5.1 | 0.2% | May 15, 2026 | Podcast Generator 3.1 is vulnerable to persistent cross-site scripting, allowing authenticated attackers to inject malic... |
| CVE-2021-47967 | MEDIUM | 5.1 | 0.2% | May 15, 2026 | PHP Timeclock 1.04 contains multiple cross-site scripting vulnerabilities that allow unauthenticated attackers to inject... |
| CVE-2021-47966 | HIGH | 8.8 | 0.3% | May 15, 2026 | PHP Timeclock 1.04 contains time-based and boolean-based blind SQL injection vulnerabilities in the login_userid paramet... |
| CVE-2021-47965 | CRITICAL | 9.3 | 0.6% | May 15, 2026 | WordPress Plugin WP Super Edit 2.5.4 and earlier contains an unrestricted file upload vulnerability in the FCKeditor com... |
| CVE-2021-47964 | HIGH | 8.7 | 0.7% | May 15, 2026 | Schlix CMS 2.2.6-6 contains a remote code execution vulnerability that allows authenticated attackers to execute arbitra... |
| CVE-2021-47963 | MEDIUM | 5.1 | 0.5% | May 15, 2026 | Anote 1.0 contains a persistent cross-site scripting vulnerability that allows attackers to execute arbitrary code by in... |
| CVE-2021-47962 | MEDIUM | 5.1 | 0.2% | May 15, 2026 | Savsoft Quiz 5.0 contains a persistent cross-site scripting vulnerability in the user account settings page that allows ... |
| CVE-2021-47959 | HIGH | 8.7 | 0.5% | May 15, 2026 | WordPress Plugin WPGraphQL 1.3.5 contains a denial of service vulnerability that allows unauthenticated attackers to exh... |
| CVE-2021-47958 | MEDIUM | 5.3 | 0.2% | May 15, 2026 | CouchCMS 2.2.1 contains a server-side request forgery vulnerability that allows authenticated attackers to make arbitrar... |
| CVE-2021-26380 | LOW | 1.8 | 0.1% | May 15, 2026 | A compromised Trusted OS (TOS) driver could issue a malformed call that could potentially allow memory access outside t... |
| CVE-2021-47953 | MEDIUM | 5.3 | 0.1% | May 10, 2026 | OpenCart 3.0.3.7 contains a cross-site request forgery vulnerability that allows attackers to change user passwords by s... |
| CVE-2021-47951 | MEDIUM | 5.1 | 0.2% | May 10, 2026 | WordPress Picture Gallery 1.4.2 contains a stored cross-site scripting vulnerability that allows authenticated attackers... |
| CVE-2021-47950 | MEDIUM | 5.1 | 0.2% | May 10, 2026 | Advanced Guestbook 2.4.4 contains a persistent cross-site scripting vulnerability in the smilies administration interfac... |
| CVE-2021-47949 | HIGH | 8.7 | 0.5% | May 10, 2026 | CyberPanel 2.1 contains a command execution vulnerability that allows authenticated attackers to read arbitrary files an... |
| CVE-2021-47948 | MEDIUM | 5.1 | 0.2% | May 10, 2026 | WordPress GetPaid Plugin 2.4.6 contains an HTML injection vulnerability that allows authenticated attackers to inject ar... |
| CVE-2021-47947 | MEDIUM | 5.1 | 0.2% | May 10, 2026 | Projectsend r1295 contains a stored cross-site scripting vulnerability that allows authenticated attackers to inject mal... |
| CVE-2021-47946 | MEDIUM | 6.9 | 0.2% | May 10, 2026 | OpenCart 3.0.3.6 contains a cross-site request forgery vulnerability in the /account/edit endpoint that allows unauthent... |
| CVE-2021-47945 | HIGH | 8.5 | 0.1% | May 10, 2026 | Argus Surveillance DVR 4.0 contains an unquoted service path vulnerability in the DVRWatchdog service that allows local ... |
Check if your code is affected by 2021 CVEs
Strix scans your code and infrastructure for known vulnerabilities automatically.
Scan your code now