Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 6.5

    MEDIUM
    CVE-2024-52394

    Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in nopea.Media Print PDF Generator and Publisher allows Stored XSS.This issue affects Print PDF Generator and Publisher: from n/a through 1.1.6.... Read more

    Affected Products :
    • Published: Nov. 18, 2024
    • Modified: Nov. 19, 2024

  • 9.8

    CRITICAL
    CVE-2024-51053

    An arbitrary file upload vulnerability in the component /main/fileupload.php of AVSCMS v8.2.0 allows attackers to execute arbitrary code via uploading a crafted file.... Read more

    Affected Products :
    • Published: Nov. 18, 2024
    • Modified: Nov. 19, 2024

  • 6.5

    MEDIUM
    CVE-2024-52349

    Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Md. Shiddikur Rahman Awesome Tool Tip allows DOM-Based XSS.This issue affects Awesome Tool Tip: from n/a through 1.0.... Read more

    Affected Products :
    • Published: Nov. 18, 2024
    • Modified: Nov. 19, 2024

  • 6.5

    MEDIUM
    CVE-2024-51939

    Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Santhosh veer Stylish Internal Links allows DOM-Based XSS.This issue affects Stylish Internal Links: from n/a through 1.9.... Read more

    Affected Products :
    • Published: Nov. 18, 2024
    • Modified: Nov. 19, 2024

  • 6.1

    MEDIUM
    CVE-2024-9830

    The Bard theme for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all versions up to, and including, 2.216. This makes it possible for unauthenticated attackers to injec... Read more

    Affected Products :
    • Published: Nov. 19, 2024
    • Modified: Nov. 19, 2024

  • 0.0

    NA
    CVE-2024-50294

    In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix missing locking causing hanging calls If a call gets aborted (e.g. because kafs saw a signal) between it being queued for connection and the I/O thread picking up the call, t... Read more

    Affected Products : linux_kernel
    • Published: Nov. 19, 2024
    • Modified: Nov. 19, 2024

  • 6.5

    MEDIUM
    CVE-2024-51826

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in James Turner Bitcoin Payments allows DOM-Based XSS.This issue affects Bitcoin Payments: from n/a through 1.4.2.... Read more

    Affected Products :
    • Published: Nov. 19, 2024
    • Modified: Nov. 19, 2024

  • 7.1

    HIGH
    CVE-2024-51634

    Cross-Site Request Forgery (CSRF) vulnerability in Webriti WordPress Themes & Plugins Shop Webriti Custom Login allows Reflected XSS.This issue affects Webriti Custom Login: from n/a through 0.3.... Read more

    Affected Products :
    • Published: Nov. 19, 2024
    • Modified: Nov. 19, 2024

  • 6.5

    MEDIUM
    CVE-2024-51819

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Tigris – Flexplatform Tigris Flexplatform allows Stored XSS.This issue affects Tigris Flexplatform: from n/a through .0.2.... Read more

    Affected Products :
    • Published: Nov. 19, 2024
    • Modified: Nov. 19, 2024

  • 6.5

    MEDIUM
    CVE-2024-50518

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Common Ninja Pricer Ninja allows Stored XSS.This issue affects Pricer Ninja: from n/a through 2.1.0.... Read more

    Affected Products :
    • Published: Nov. 19, 2024
    • Modified: Nov. 19, 2024

  • 7.1

    HIGH
    CVE-2024-50522

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Redy Ru WeChat Subscribers Lite allows Reflected XSS.This issue affects WeChat Subscribers Lite : from n/a through 1.6.6.... Read more

    Affected Products :
    • Published: Nov. 19, 2024
    • Modified: Nov. 19, 2024

  • 6.5

    MEDIUM
    CVE-2024-51864

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Agnel Waghela Shortcode Collection allows Stored XSS.This issue affects Shortcode Collection: from n/a through 1.4.... Read more

    Affected Products :
    • Published: Nov. 19, 2024
    • Modified: Nov. 19, 2024

  • 6.5

    MEDIUM
    CVE-2024-51870

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in aniketji007 Ultimate Flipbox Addon for Elementor allows Stored XSS.This issue affects Ultimate Flipbox Addon for Elementor: from n/a through .4.... Read more

    Affected Products :
    • Published: Nov. 19, 2024
    • Modified: Nov. 19, 2024

  • 6.5

    MEDIUM
    CVE-2024-51912

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Lilaea Media IntelliWidget Elements allows DOM-Based XSS.This issue affects IntelliWidget Elements: from n/a through 2.2.7.... Read more

    Affected Products :
    • Published: Nov. 19, 2024
    • Modified: Nov. 19, 2024

  • 6.5

    MEDIUM
    CVE-2024-51893

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ThemeAtelier Postify: Post Layout For Elementor allows DOM-Based XSS.This issue affects Postify: Post Layout For Elementor: from n/a through 1.0.1.... Read more

    Affected Products :
    • Published: Nov. 19, 2024
    • Modified: Nov. 19, 2024

  • 6.5

    MEDIUM
    CVE-2024-51904

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Joan Boluda Embed documents shortcode allows Stored XSS.This issue affects Embed documents shortcode: from n/a through 1.5.... Read more

    Affected Products :
    • Published: Nov. 19, 2024
    • Modified: Nov. 19, 2024

  • 6.5

    MEDIUM
    CVE-2024-51897

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Erik Saulnier News Articles allows Stored XSS.This issue affects News Articles: from n/a through 1.0.0.... Read more

    Affected Products :
    • Published: Nov. 19, 2024
    • Modified: Nov. 19, 2024

  • 6.5

    MEDIUM
    CVE-2024-51850

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in bchristopeit WoW Guild Armory Roster allows Stored XSS.This issue affects WoW Guild Armory Roster: from n/a through 0.5.5.... Read more

    Affected Products :
    • Published: Nov. 19, 2024
    • Modified: Nov. 19, 2024

  • 5.3

    MEDIUM
    CVE-2024-52395

    Missing Authorization vulnerability in QunatumCloud Floating Buttons for WooCommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Floating Buttons for WooCommerce: from n/a through 2.8.8.... Read more

    Affected Products :
    • Published: Nov. 19, 2024
    • Modified: Nov. 19, 2024

  • 7.1

    HIGH
    CVE-2024-52421

    Cross-Site Request Forgery (CSRF) vulnerability in wp-buy WP Popup Window Maker allows Stored XSS.This issue affects WP Popup Window Maker: from n/a through 2.0.... Read more

    Affected Products :
    • Published: Nov. 19, 2024
    • Modified: Nov. 19, 2024
Showing 20 of 293624 Results