Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 6.1

    MEDIUM
    CVE-2017-18522

    The eelv-newsletter plugin before 4.6.1 for WordPress has XSS in the address book.... Read more

    Affected Products : eelv_newsletter
    • Published: Aug. 20, 2019
    • Modified: Nov. 21, 2024

  • 8.8

    HIGH
    CVE-2017-18521

    The democracy-poll plugin before 5.4 for WordPress has CSRF via wp-admin/options-general.php?page=democracy-poll&subpage=l10n.... Read more

    Affected Products : democracy_poll
    • Published: Aug. 21, 2019
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2017-18520

    The democracy-poll plugin before 5.4 for WordPress has XSS via update_l10n in admin/class.DemAdminInit.php.... Read more

    Affected Products : democracy_poll
    • Published: Aug. 20, 2019
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2017-18519

    The customer-area plugin before 7.4.3 for WordPress has XSS via admin pages.... Read more

    Affected Products : wp_customer_area
    • Published: Aug. 20, 2019
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2017-18518

    The bws-smtp plugin before 1.1.0 for WordPress has multiple XSS issues.... Read more

    Affected Products : smtp
    • Published: Aug. 20, 2019
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2017-18517

    The bws-pinterest plugin before 1.0.5 for WordPress has multiple XSS issues.... Read more

    Affected Products : pinterest
    • Published: Aug. 20, 2019
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2017-18516

    The bws-linkedin plugin before 1.0.5 for WordPress has multiple XSS issues.... Read more

    Affected Products : linkedin
    • Published: Aug. 21, 2019
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2017-18515

    The wp-statistics plugin before 12.0.8 for WordPress has SQL injection.... Read more

    Affected Products : wp_statistics
    • Published: Aug. 14, 2019
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2017-18514

    The simple-login-log plugin before 1.1.2 for WordPress has SQL injection.... Read more

    Affected Products : simple_login_log
    • Published: Aug. 14, 2019
    • Modified: Nov. 21, 2024

  • 8.8

    HIGH
    CVE-2017-18513

    The responsive-menu plugin before 3.1.4 for WordPress has no CSRF protection mechanism for the admin interface.... Read more

    Affected Products : responsive_menu
    • Published: Aug. 14, 2019
    • Modified: Nov. 21, 2024

  • 8.8

    HIGH
    CVE-2017-18512

    The newsletter-by-supsystic plugin before 1.1.8 for WordPress has CSRF.... Read more

    Affected Products : newsletter_by_supsystic
    • Published: Aug. 14, 2019
    • Modified: Nov. 21, 2024

  • 8.8

    HIGH
    CVE-2017-18511

    The custom-sidebars plugin before 3.0.8.1 for WordPress has CSRF.... Read more

    Affected Products : custom_sidebars
    • Published: Aug. 14, 2019
    • Modified: Nov. 21, 2024

  • 8.8

    HIGH
    CVE-2017-18510

    The custom-sidebars plugin before 3.1.0 for WordPress has CSRF related to set location, import actions, and export actions.... Read more

    Affected Products : custom_sidebars
    • Published: Aug. 14, 2019
    • Modified: Nov. 21, 2024

  • 7.8

    HIGH
    CVE-2017-18509

    An issue was discovered in net/ipv6/ip6mr.c in the Linux kernel before 4.11. By setting a specific socket option, an attacker can control a pointer in kernel land and cause an inet_csk_listen_stop general protection fault, or potentially execute arbitrary... Read more

    Affected Products : linux_kernel ubuntu_linux debian_linux
    • Published: Aug. 13, 2019
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2017-18508

    The wp-live-chat-support plugin before 7.1.03 for WordPress has XSS.... Read more

    Affected Products : live_chat
    • Published: Aug. 12, 2019
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2017-18507

    The wp-live-chat-support plugin before 7.1.05 for WordPress has XSS.... Read more

    Affected Products : live_chat
    • Published: Aug. 13, 2019
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2017-18506

    The woocommerce-pdf-invoices-packing-slips plugin before 2.0.13 for WordPress has XSS via the tab or section variable on settings screens.... Read more

    • Published: Aug. 12, 2019
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2017-18505

    The twitter-plugin plugin before 2.55 for WordPress has XSS.... Read more

    Affected Products : twitter_button
    • Published: Aug. 12, 2019
    • Modified: Nov. 21, 2024

  • 8.8

    HIGH
    CVE-2017-18504

    The twitter-cards-meta plugin before 2.5.0 for WordPress has CSRF.... Read more

    Affected Products : twitter_cards_meta
    • Published: Aug. 12, 2019
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2017-18503

    The twitter-cards-meta plugin before 2.5.0 for WordPress has XSS.... Read more

    Affected Products : twitter_cards_meta
    • Published: Aug. 12, 2019
    • Modified: Nov. 21, 2024
Showing 20 of 292815 Results