Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 6.1

    MEDIUM
    CVE-2016-10880

    The google-document-embedder plugin before 2.6.1 for WordPress has XSS.... Read more

    Affected Products : google_doc_embedder
    • EPSS Score: %0.19
    • Published: Aug. 14, 2019
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2016-10879

    The wp-live-chat-support plugin before 6.2.02 for WordPress has XSS.... Read more

    Affected Products : live_chat
    • EPSS Score: %0.44
    • Published: Aug. 12, 2019
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2016-10877

    The wp-editor plugin before 1.2.6.3 for WordPress has multiple XSS issues.... Read more

    Affected Products : wp_editor wp_editor
    • EPSS Score: %0.44
    • Published: Aug. 12, 2019
    • Modified: Nov. 21, 2024

  • 8.8

    HIGH
    CVE-2016-10876

    The wp-database-backup plugin before 4.3.1 for WordPress has CSRF.... Read more

    Affected Products : wp_database_backup
    • EPSS Score: %0.13
    • Published: Aug. 12, 2019
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2016-10875

    The wp-database-backup plugin before 4.3.1 for WordPress has XSS.... Read more

    Affected Products : wp_database_backup
    • EPSS Score: %0.21
    • Published: Aug. 12, 2019
    • Modified: Nov. 21, 2024

  • 8.8

    HIGH
    CVE-2016-10874

    The wp-database-backup plugin before 4.3.3 for WordPress has CSRF.... Read more

    Affected Products : wp_database_backup
    • EPSS Score: %0.20
    • Published: Aug. 12, 2019
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2016-10873

    The wp-database-backup plugin before 4.3.3 for WordPress has XSS.... Read more

    Affected Products : wp_database_backup
    • EPSS Score: %0.19
    • Published: Aug. 12, 2019
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2016-10872

    The ultimate-member plugin before 1.3.40 for WordPress has XSS on the login form.... Read more

    Affected Products : ultimate_member
    • EPSS Score: %0.31
    • Published: Aug. 12, 2019
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2016-10871

    The mailchimp-for-wp plugin before 4.0.11 for WordPress has XSS on the integration settings page.... Read more

    Affected Products : mailchimp
    • EPSS Score: %0.19
    • Published: Aug. 13, 2019
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2016-10870

    The google-language-translator plugin before 5.0.06 for WordPress has XSS.... Read more

    Affected Products : google_language_translator
    • EPSS Score: %0.19
    • Published: Aug. 13, 2019
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2016-10869

    The contact-form-plugin plugin before 4.0.2 for WordPress has XSS.... Read more

    Affected Products : contact_form
    • EPSS Score: %0.19
    • Published: Aug. 13, 2019
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2016-10868

    The all-in-one-wp-security-and-firewall plugin before 4.0.5 for WordPress has XSS in the blacklist, file system, and file change detection settings pages.... Read more

    • EPSS Score: %0.19
    • Published: Aug. 13, 2019
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2016-10867

    The all-in-one-wp-security-and-firewall plugin before 4.0.6 for WordPress has XSS in settings pages.... Read more

    • EPSS Score: %0.19
    • Published: Aug. 13, 2019
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2016-10866

    The all-in-one-wp-security-and-firewall plugin before 4.2.0 for WordPress has multiple XSS issues.... Read more

    • EPSS Score: %0.19
    • Published: Aug. 13, 2019
    • Modified: Nov. 21, 2024

  • 6.1

    MEDIUM
    CVE-2016-10865

    The Lightbox Plus Colorbox plugin through 2.7.2 for WordPress has cross-site request forgery (CSRF) via wp-admin/admin.php?page=lightboxplus, as demonstrated by resultant width XSS.... Read more

    Affected Products : lightbox_plus_colorbox
    • EPSS Score: %0.11
    • Published: Aug. 09, 2019
    • Modified: Nov. 21, 2024

  • 5.2

    MEDIUM
    CVE-2016-10864

    NETGEAR EX7000 V1.0.0.42_1.0.94 devices allow XSS via the SSID.... Read more

    Affected Products : ex7000_firmware ex7000
    • EPSS Score: %0.14
    • Published: Aug. 08, 2019
    • Modified: Nov. 21, 2024

  • 8.8

    HIGH
    CVE-2016-10863

    Edimax Wi-Fi Extender devices allow goform/formwlencryptvxd CSRF with resultant PSK key disclosure.... Read more

    • EPSS Score: %0.14
    • Published: Aug. 08, 2019
    • Modified: Nov. 21, 2024

  • 8.8

    HIGH
    CVE-2016-10862

    Neet AirStream NAS1.1 devices have a password of ifconfig for the root account. This cannot be changed via the configuration page.... Read more

    • EPSS Score: %0.14
    • Published: Aug. 08, 2019
    • Modified: Nov. 21, 2024

  • 6.5

    MEDIUM
    CVE-2016-10861

    Neet AirStream NAS1.1 devices allow CSRF attacks that cause the settings binary to change the AP name and password.... Read more

    Affected Products : airstream_nas_firmware airstream
    • EPSS Score: %0.12
    • Published: Aug. 07, 2019
    • Modified: Nov. 21, 2024

  • 8.1

    HIGH
    CVE-2016-10860

    cPanel before 11.54.0.0 allows unauthorized zone modification via the WHM API (SEC-66).... Read more

    Affected Products : cpanel
    • EPSS Score: %0.24
    • Published: Aug. 01, 2019
    • Modified: Nov. 21, 2024
Showing 20 of 291867 Results