Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 6.5

    MEDIUM
    CVE-2024-51830

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Fazilatunnesa News Ticker allows Stored XSS.This issue affects News Ticker: from n/a through 1.0.... Read more

    Affected Products : newsticker
    • Published: Nov. 19, 2024
    • Modified: Nov. 19, 2024

  • 6.5

    MEDIUM
    CVE-2024-51833

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Noman Akhtar Easy Social Sharebar allows Stored XSS.This issue affects Easy Social Sharebar: from n/a through 1.0.0.... Read more

    Affected Products :
    • Published: Nov. 19, 2024
    • Modified: Nov. 19, 2024

  • 6.5

    MEDIUM
    CVE-2024-51812

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Wasim Pro Addons For Elementor allows Stored XSS.This issue affects Pro Addons For Elementor: from n/a through 1.5.0.... Read more

    Affected Products :
    • Published: Nov. 19, 2024
    • Modified: Nov. 19, 2024

  • 6.5

    MEDIUM
    CVE-2024-51799

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in VBog Bg Patriarchia BU allows DOM-Based XSS.This issue affects Bg Patriarchia BU: from n/a through 2.2.3.... Read more

    Affected Products :
    • Published: Nov. 19, 2024
    • Modified: Nov. 19, 2024

  • 4.3

    MEDIUM
    CVE-2024-51686

    Cross-Site Request Forgery (CSRF) vulnerability in Deepak Khokhar, Surender Khokhar Manage User Columns allows Cross Site Request Forgery.This issue affects Manage User Columns: from n/a through 1.0.5.... Read more

    Affected Products :
    • Published: Nov. 19, 2024
    • Modified: Nov. 19, 2024

  • 7.1

    HIGH
    CVE-2024-51645

    Cross-Site Request Forgery (CSRF) vulnerability in Themefuse ThemeFuse Maintenance Mode allows Stored XSS.This issue affects ThemeFuse Maintenance Mode: from n/a through 1.1.3.... Read more

    Affected Products :
    • Published: Nov. 19, 2024
    • Modified: Nov. 19, 2024

  • 7.8

    HIGH
    CVE-2024-10204

    Heap-based Buffer Overflow and Uninitialized Variable vulnerabilities exist in the X_B and SAT file reading procedure in eDrawings from Release SOLIDWORKS 2024 through Release SOLIDWORKS 2025. These vulnerabilities could allow an attacker to execute arbit... Read more

    Affected Products :
    • Published: Nov. 19, 2024
    • Modified: Nov. 19, 2024

  • 6.4

    MEDIUM
    CVE-2024-11224

    The Parallax Image plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘position’ parameter in all versions up to, and including, 1.9 due to insufficient input sanitization and output escaping. This makes it possible for authenticate... Read more

    Affected Products :
    • Published: Nov. 19, 2024
    • Modified: Nov. 19, 2024

  • 5.5

    MEDIUM
    CVE-2024-11098

    The SVG Block plugin for WordPress is vulnerable to Stored Cross-Site Scripting via REST API SVG File uploads in all versions up to, and including, 1.1.24 due to insufficient input sanitization and output escaping. This makes it possible for authenticated... Read more

    Affected Products : svg_block
    • Published: Nov. 19, 2024
    • Modified: Nov. 19, 2024

  • 6.5

    MEDIUM
    CVE-2024-51802

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Bread & Butter IO Inc. Bread & Butter allows DOM-Based XSS.This issue affects Bread & Butter: from n/a through 7.4.857.... Read more

    Affected Products :
    • Published: Nov. 19, 2024
    • Modified: Nov. 19, 2024

  • 5.9

    MEDIUM
    CVE-2024-50516

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Adam Skaat Countdown & Clock allows Stored XSS.This issue affects Countdown & Clock: from n/a through 2.8.0.9.... Read more

    Affected Products :
    • Published: Nov. 19, 2024
    • Modified: Nov. 19, 2024

  • 6.5

    MEDIUM
    CVE-2024-50549

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Bonway Services Bonway Static Block Editor allows DOM-Based XSS.This issue affects Bonway Static Block Editor: from n/a through 1.1.0.... Read more

    Affected Products :
    • Published: Nov. 19, 2024
    • Modified: Nov. 19, 2024

  • 6.5

    MEDIUM
    CVE-2024-50517

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in SlovenskoIT a.s. ID-SK Toolkit allows Stored XSS.This issue affects ID-SK Toolkit: from n/a through 1.7.2.... Read more

    Affected Products :
    • Published: Nov. 19, 2024
    • Modified: Nov. 19, 2024

  • 6.5

    MEDIUM
    CVE-2024-50546

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Print Reach, Inc. MyOrderDesk allows DOM-Based XSS.This issue affects MyOrderDesk: from n/a through 3.2.6.... Read more

    Affected Products :
    • Published: Nov. 19, 2024
    • Modified: Nov. 19, 2024

  • 7.1

    HIGH
    CVE-2024-50533

    Cross-Site Request Forgery (CSRF) vulnerability in David Garcia Domain Sharding allows Stored XSS.This issue affects Domain Sharding: from n/a through 1.2.1.... Read more

    Affected Products :
    • Published: Nov. 19, 2024
    • Modified: Nov. 19, 2024

  • 6.5

    MEDIUM
    CVE-2024-50520

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Peter J. Herrel Ancient World Linked Data allows DOM-Based XSS.This issue affects Ancient World Linked Data: from n/a through 0.2.1.... Read more

    Affected Products :
    • Published: Nov. 19, 2024
    • Modified: Nov. 19, 2024

  • 6.5

    MEDIUM
    CVE-2024-51795

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ByteLabX Pdf Embedder Fay allows DOM-Based XSS.This issue affects Pdf Embedder Fay: from n/a through 1.10.1.... Read more

    Affected Products :
    • Published: Nov. 19, 2024
    • Modified: Nov. 19, 2024

  • 6.5

    MEDIUM
    CVE-2024-50554

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Sided Sided allows DOM-Based XSS.This issue affects Sided: from n/a through 1.4.2.... Read more

    Affected Products :
    • Published: Nov. 19, 2024
    • Modified: Nov. 19, 2024

  • 0.0

    NA
    CVE-2024-50290

    In the Linux kernel, the following vulnerability has been resolved: media: cx24116: prevent overflows on SNR calculus as reported by Coverity, if reading SNR registers fail, a negative number will be returned, causing an underflow when reading SNR regis... Read more

    Affected Products : linux_kernel
    • Published: Nov. 19, 2024
    • Modified: Nov. 19, 2024

  • 7.1

    HIGH
    CVE-2024-50534

    Cross-Site Request Forgery (CSRF) vulnerability in Syed Umair Hussain Shah World Prayer Time allows Stored XSS.This issue affects World Prayer Time: from n/a through 2.0.... Read more

    Affected Products :
    • Published: Nov. 19, 2024
    • Modified: Nov. 19, 2024
Showing 20 of 293534 Results