Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 6.1

    MEDIUM
    CVE-2017-18563

    The rsvp plugin before 2.3.8 for WordPress has persistent XSS via the note field on the attendee-list screen.... Read more

    Affected Products : rsvp
    • Published: Aug. 21, 2019
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2017-18562

    The error-log-viewer plugin before 1.0.6 for WordPress has multiple XSS issues.... Read more

    Affected Products : error_log_viewer
    • Published: Aug. 21, 2019
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2017-18561

    The embed-comment-images plugin before 0.6 for WordPress has XSS.... Read more

    Affected Products : embed_images_in_comments
    • Published: Aug. 21, 2019
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2017-18560

    The content-audit plugin before 1.9.2 for WordPress has XSS.... Read more

    Affected Products : content_audit
    • Published: Aug. 21, 2019
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2017-18559

    The cforms2 plugin before 14.13.3 for WordPress has multiple XSS issues.... Read more

    Affected Products : cformsii
    • Published: Aug. 21, 2019
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2017-18558

    The bws-testimonials plugin before 0.1.9 for WordPress has multiple XSS issues.... Read more

    Affected Products : testimonials
    • Published: Aug. 21, 2019
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2017-18557

    The bws-google-maps plugin before 1.3.6 for WordPress has multiple XSS issues.... Read more

    Affected Products : google_maps
    • Published: Aug. 21, 2019
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2017-18556

    The bws-google-analytics plugin before 1.7.1 for WordPress has multiple XSS issues.... Read more

    Affected Products : google_analytics
    • Published: Aug. 21, 2019
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2017-18555

    The booking-sms plugin before 1.1.0 for WordPress has XSS.... Read more

    Affected Products : booking_calendar
    • Published: Aug. 21, 2019
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2017-18554

    The analytics-tracker plugin before 1.1.1 for WordPress has XSS via a search event.... Read more

    Affected Products : analytics_tracker
    • Published: Aug. 21, 2019
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2017-18553

    The ad-buttons plugin before 2.3.2 for WordPress has XSS.... Read more

    Affected Products : ad_buttons
    • Published: Aug. 21, 2019
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2017-18552

    An issue was discovered in net/rds/af_rds.c in the Linux kernel before 4.11. There is an out of bounds write and read in the function rds_recv_track_latency.... Read more

    Affected Products : linux_kernel
    • Published: Aug. 19, 2019
    • Modified: Nov. 21, 2024

  • 6.7

    MEDIUM
    CVE-2017-18551

    An issue was discovered in drivers/i2c/i2c-core-smbus.c in the Linux kernel before 4.14.15. There is an out of bounds write in the function i2c_smbus_xfer_emulated.... Read more

    Affected Products : linux_kernel leap
    • Published: Aug. 19, 2019
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2017-18550

    An issue was discovered in drivers/scsi/aacraid/commctrl.c in the Linux kernel before 4.13. There is potential exposure of kernel stack memory because aac_get_hba_info does not initialize the hbainfo structure.... Read more

    Affected Products : linux_kernel
    • Published: Aug. 19, 2019
    • Modified: Nov. 21, 2024

  • 5.5

    MEDIUM
    CVE-2017-18549

    An issue was discovered in drivers/scsi/aacraid/commctrl.c in the Linux kernel before 4.13. There is potential exposure of kernel stack memory because aac_send_raw_srb does not initialize the reply structure.... Read more

    Affected Products : linux_kernel
    • Published: Aug. 19, 2019
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2017-18548

    The note-press plugin before 0.1.2 for WordPress has SQL injection.... Read more

    Affected Products : note_press
    • Published: Aug. 16, 2019
    • Modified: Nov. 21, 2024

  • 8.8

    HIGH
    CVE-2017-18547

    The nelio-ab-testing plugin before 4.6.4 for WordPress has CSRF in experiment forms.... Read more

    Affected Products : nelio_ab_testing
    • Published: Aug. 16, 2019
    • Modified: Nov. 21, 2024

  • 8.8

    HIGH
    CVE-2017-18546

    The jayj-quicktag plugin before 1.3.2 for WordPress has CSRF.... Read more

    Affected Products : jayj_quicktag
    • Published: Aug. 16, 2019
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2017-18545

    The invite-anyone plugin before 1.3.16 for WordPress has incorrect escaping of untrusted Dashboard and front-end input.... Read more

    Affected Products : invite_anyone invite_anyone_plugin
    • Published: Aug. 16, 2019
    • Modified: Nov. 21, 2024

  • 8.8

    HIGH
    CVE-2017-18544

    The invite-anyone plugin before 1.3.16 for WordPress has admin-panel CSRF.... Read more

    Affected Products : invite_anyone invite_anyone_plugin
    • Published: Aug. 16, 2019
    • Modified: Nov. 21, 2024
Showing 20 of 292815 Results