Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 6.1

    MEDIUM
    CVE-2016-10934

    The check-email plugin before 0.5.2 for WordPress has XSS.... Read more

    Affected Products : check_email
    • EPSS Score: %0.19
    • Published: Aug. 27, 2019
    • Modified: Nov. 21, 2024

  • 5.9

    MEDIUM
    CVE-2016-10933

    An issue was discovered in the portaudio crate through 0.7.0 for Rust. There is a man-in-the-middle issue because the source code is downloaded over cleartext HTTP.... Read more

    Affected Products : portaudio
    • EPSS Score: %0.24
    • Published: Aug. 26, 2019
    • Modified: Nov. 21, 2024

  • 5.8

    MEDIUM
    CVE-2016-10932

    An issue was discovered in the hyper crate before 0.9.4 for Rust on Windows. There is an HTTPS man-in-the-middle vulnerability because hostname verification was omitted.... Read more

    Affected Products : windows hyper
    • EPSS Score: %0.20
    • Published: Aug. 26, 2019
    • Modified: Nov. 21, 2024

  • 8.1

    HIGH
    CVE-2016-10931

    An issue was discovered in the openssl crate before 0.9.0 for Rust. There is an SSL/TLS man-in-the-middle vulnerability because certificate verification is off by default and there is no API for hostname verification.... Read more

    Affected Products : openssl rust-openssl
    • EPSS Score: %0.18
    • Published: Aug. 26, 2019
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2016-10930

    The wp-support-plus-responsive-ticket-system plugin before 7.1.0 for WordPress has insecure direct object reference via a ticket number.... Read more

    • EPSS Score: %0.84
    • Published: Aug. 22, 2019
    • Modified: Nov. 21, 2024

  • 5.3

    MEDIUM
    CVE-2016-10929

    The advanced-ajax-page-loader plugin before 2.7.7 for WordPress has no protection against the reading of uploaded files when not logged in.... Read more

    Affected Products : advanced_ajax_page_loader
    • EPSS Score: %0.25
    • Published: Aug. 22, 2019
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2016-10928

    The onelogin-saml-sso plugin before 2.2.0 for WordPress has a hardcoded @@@nopass@@@ password for just-in-time provisioned users.... Read more

    Affected Products : onelogin_saml_sso
    • EPSS Score: %0.68
    • Published: Aug. 22, 2019
    • Modified: Nov. 21, 2024

  • 10.0

    CRITICAL
    CVE-2016-10927

    The nelio-ab-testing plugin before 4.5.11 for WordPress has SSRF in ajax/iesupport.php.... Read more

    Affected Products : nelio_ab_testing
    • EPSS Score: %0.45
    • Published: Aug. 22, 2019
    • Modified: Nov. 21, 2024

  • 10.0

    CRITICAL
    CVE-2016-10926

    The nelio-ab-testing plugin before 4.5.9 for WordPress has SSRF in ajax/iesupport.php.... Read more

    Affected Products : nelio_ab_testing
    • EPSS Score: %0.45
    • Published: Aug. 22, 2019
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2016-10925

    The peters-login-redirect plugin before 2.9.1 for WordPress has XSS during the editing of redirect URLs.... Read more

    Affected Products : loginwp
    • EPSS Score: %0.19
    • Published: Aug. 22, 2019
    • Modified: Nov. 21, 2024

  • 7.5

    HIGH
    CVE-2016-10924

    The ebook-download plugin before 1.2 for WordPress has directory traversal.... Read more

    Affected Products : zedna_ebook_download
    • EPSS Score: %62.23
    • Published: Aug. 22, 2019
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2016-10923

    The woocommerce-store-toolkit plugin before 1.5.8 for WordPress has privilege escalation.... Read more

    Affected Products : store_toolkit_for_woocommerce
    • EPSS Score: %0.34
    • Published: Aug. 22, 2019
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2016-10922

    The woocommerce-store-toolkit plugin before 1.5.7 for WordPress has privilege escalation.... Read more

    Affected Products : store_toolkit_for_woocommerce
    • EPSS Score: %0.34
    • Published: Aug. 22, 2019
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2016-10921

    The gallery-photo-gallery plugin before 1.0.1 for WordPress has SQL injection.... Read more

    Affected Products : photo_gallery
    • EPSS Score: %0.55
    • Published: Aug. 22, 2019
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2016-10920

    The gnucommerce plugin before 0.5.7-BETA for WordPress has XSS.... Read more

    Affected Products : gnucommerce
    • EPSS Score: %0.19
    • Published: Aug. 22, 2019
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2016-10919

    The wassup plugin before 1.9.1 for WordPress has XSS via the Top stats widget or the wassupURI::add_siteurl method, a different vulnerability than CVE-2012-2633.... Read more

    Affected Products : wassup_real_time_analytics
    • EPSS Score: %0.19
    • Published: Aug. 22, 2019
    • Modified: Nov. 21, 2024

  • 8.8

    HIGH
    CVE-2016-10918

    The gallery-by-supsystic plugin before 1.8.6 for WordPress has CSRF.... Read more

    Affected Products : photo_gallery
    • EPSS Score: %0.11
    • Published: Aug. 22, 2019
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2016-10917

    The search-everything plugin before 8.1.6 for WordPress has SQL injection related to empty search strings, a different vulnerability than CVE-2014-2316.... Read more

    Affected Products : search_everything search_everything
    • EPSS Score: %0.69
    • Published: Aug. 22, 2019
    • Modified: Nov. 21, 2024

  • 9.8

    CRITICAL
    CVE-2016-10916

    The appointment-booking-calendar plugin before 1.1.24 for WordPress has SQL injection, a different vulnerability than CVE-2015-7319.... Read more

    Affected Products : appointment_booking_calendar
    • EPSS Score: %0.51
    • Published: Aug. 22, 2019
    • Modified: Nov. 21, 2024

  • 8.8

    HIGH
    CVE-2016-10915

    The popup-by-supsystic plugin before 1.7.9 for WordPress has CSRF.... Read more

    Affected Products : popup
    • EPSS Score: %0.11
    • Published: Aug. 20, 2019
    • Modified: Nov. 21, 2024
Showing 20 of 291741 Results