Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 6.1

    MEDIUM
    CVE-2017-18502

    The subscriber plugin before 1.3.5 for WordPress has multiple XSS issues.... Read more

    Affected Products : subscriber
    • Published: Aug. 12, 2019
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2017-18501

    The social-login-bws plugin before 0.2 for WordPress has multiple XSS issues.... Read more

    Affected Products : social_login
    • Published: Aug. 12, 2019
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2017-18500

    The social-buttons-pack plugin before 1.1.1 for WordPress has multiple XSS issues.... Read more

    Affected Products : social_buttons_pack
    • Published: Aug. 12, 2019
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2017-18499

    The simple-membership plugin before 3.5.7 for WordPress has XSS.... Read more

    Affected Products : simple_membership
    • Published: Aug. 12, 2019
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2017-18498

    The simple-job-board plugin before 2.4.4 for WordPress has reflected XSS via keyword search.... Read more

    Affected Products : simple_job_board
    • Published: Aug. 13, 2019
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2017-18497

    The liveforms plugin before 3.4.0 for WordPress has XSS.... Read more

    Affected Products : live_forms
    • Published: Aug. 13, 2019
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2017-18496

    The htaccess plugin before 1.7.6 for WordPress has multiple XSS issues.... Read more

    Affected Products : htaccess
    • Published: Aug. 13, 2019
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2017-18495

    The gravity-forms-sms-notifications plugin before 2.4.0 for WordPress has XSS.... Read more

    Affected Products : gravity_forms
    • Published: Aug. 13, 2019
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2017-18494

    The custom-search-plugin plugin before 1.36 for WordPress has multiple XSS issues.... Read more

    Affected Products : custom_search
    • Published: Aug. 13, 2019
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2017-18493

    The custom-admin-page plugin before 0.1.2 for WordPress has multiple XSS issues.... Read more

    Affected Products : custom_admin_page
    • Published: Aug. 13, 2019
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2017-18492

    The contact-form-to-db plugin before 1.5.7 for WordPress has multiple XSS issues.... Read more

    Affected Products : contact_form_to_db
    • Published: Aug. 13, 2019
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2017-18491

    The contact-form-plugin plugin before 4.0.6 for WordPress has multiple XSS issues.... Read more

    Affected Products : contact_form
    • Published: Aug. 13, 2019
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2017-18490

    The contact-form-multi plugin before 1.2.1 for WordPress has multiple XSS issues.... Read more

    Affected Products : contact_form_multi
    • Published: Aug. 13, 2019
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2017-18489

    The contact-form-7-sms-addon plugin before 2.4.0 for WordPress has XSS.... Read more

    Affected Products : contact_form_7_-_clockwork_sms
    • Published: Aug. 13, 2019
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2017-18488

    The Backup Guard plugin before 1.1.47 for WordPress has multiple XSS issues.... Read more

    Affected Products : backup_guard
    • Published: Aug. 13, 2019
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2017-18487

    The adsense-plugin (aka Google AdSense) plugin before 1.44 for WordPress has multiple XSS issues.... Read more

    Affected Products : google_adsense
    • Published: Aug. 13, 2019
    • Modified: Nov. 21, 2024

  • 7.2

    HIGH
    CVE-2017-18486

    Jitbit Helpdesk before 9.0.3 allows remote attackers to escalate privileges because of mishandling of the User/AutoLogin userHash parameter. By inspecting the token value provided in a password reset link, a user can leverage a weak PRNG to recover the sh... Read more

    Affected Products : helpdesk
    • Published: Aug. 09, 2019
    • Modified: Nov. 21, 2024

  • 5.8

    MEDIUM
    CVE-2017-18485

    Cognitoys Dino devices allow profiles_add.html CSRF.... Read more

    • Published: Aug. 08, 2019
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2017-18484

    Cognitoys Dino devices allow XSS via the SSID.... Read more

    • Published: Aug. 08, 2019
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2017-18483

    ANNKE SP1 HD wireless camera 3.4.1.1604071109 devices allow XSS via a crafted SSID.... Read more

    Affected Products : sp1_firmware sp1
    • Published: Aug. 07, 2019
    • Modified: Nov. 21, 2024
Showing 20 of 292815 Results