Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 7.1

    HIGH
    CVE-2024-47394

    Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in eyecix JobSearch allows Reflected XSS.This issue affects JobSearch: from n/a through 2.5.9.... Read more

    Affected Products : jobsearch_wp_job_board
    • Published: Oct. 05, 2024
    • Modified: Oct. 07, 2024

  • 7.1

    HIGH
    CVE-2024-47367

    Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in YITH YITH WooCommerce Product Add-Ons allows Reflected XSS.This issue affects YITH WooCommerce Product Add-Ons: from n/a through 4.13.0.... Read more

    Affected Products : yith_woocommerce_product_add-ons
    • Published: Oct. 06, 2024
    • Modified: Oct. 07, 2024

  • 7.1

    HIGH
    CVE-2024-47327

    Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Eyal Fitoussi GEO my WordPress allows Reflected XSS.This issue affects GEO my WordPress: from n/a through 4.5.0.3.... Read more

    Affected Products : geo_my_wordpress
    • Published: Oct. 06, 2024
    • Modified: Oct. 07, 2024

  • 5.9

    MEDIUM
    CVE-2024-47336

    Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Vladimir Statsenko Terms descriptions allows Stored XSS.This issue affects Terms descriptions: from n/a through 3.4.6.... Read more

    Affected Products : terms_descriptions
    • Published: Oct. 06, 2024
    • Modified: Oct. 07, 2024

  • 6.5

    MEDIUM
    CVE-2024-47343

    Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Kraftplugins Mega Elements allows Stored XSS.This issue affects Mega Elements: from n/a through 1.2.4.... Read more

    Affected Products : mega_elements
    • Published: Oct. 06, 2024
    • Modified: Oct. 07, 2024

  • 7.3

    HIGH
    CVE-2023-6361

    A vulnerability has been discovered in Winhex affecting version 16.1 SR-1 and 20.4. This vulnerability consists of a buffer overflow controlling the Structured Exception Handler (SEH) registers. This could allow attackers to execute arbitrary code via a l... Read more

    Affected Products :
    • Published: Oct. 07, 2024
    • Modified: Oct. 07, 2024

  • 6.5

    MEDIUM
    CVE-2024-44025

    Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Nicejob NiceJob allows Stored XSS.This issue affects NiceJob: from n/a before 3.6.5.... Read more

    Affected Products :
    • Published: Oct. 06, 2024
    • Modified: Oct. 07, 2024

  • 6.5

    MEDIUM
    CVE-2024-44027

    Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in TemeGUM Gum Elementor Addon allows Stored XSS.This issue affects Gum Elementor Addon: from n/a through 1.3.6.... Read more

    Affected Products :
    • Published: Oct. 06, 2024
    • Modified: Oct. 07, 2024

  • 5.9

    MEDIUM
    CVE-2024-47387

    Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in LinkGraph Search Atlas SEO allows Stored XSS.This issue affects Search Atlas SEO: from n/a through 1.8.2.... Read more

    Affected Products :
    • Published: Oct. 05, 2024
    • Modified: Oct. 07, 2024

  • 5.1

    MEDIUM
    CVE-2024-47313

    Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Catch Themes Catch Base allows Stored XSS.This issue affects Catch Base: from n/a through 3.4.6.... Read more

    Affected Products :
    • Published: Oct. 06, 2024
    • Modified: Oct. 07, 2024

  • 7.1

    HIGH
    CVE-2024-47644

    Cross-Site Request Forgery (CSRF) vulnerability in Copyscape / Indigo Stream Technologies Copyscape Premium allows Stored XSS.This issue affects Copyscape Premium: from n/a through 1.3.6.... Read more

    Affected Products :
    • Published: Oct. 05, 2024
    • Modified: Oct. 07, 2024

  • 7.1

    HIGH
    CVE-2024-47326

    Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in ILLID Share This Image allows Reflected XSS.This issue affects Share This Image: from n/a through 2.01.... Read more

    Affected Products :
    • Published: Oct. 06, 2024
    • Modified: Oct. 07, 2024

  • 6.5

    MEDIUM
    CVE-2024-47633

    Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Zoho Forms allows Stored XSS.This issue affects Zoho Forms: from n/a through 4.0.... Read more

    Affected Products :
    • Published: Oct. 05, 2024
    • Modified: Oct. 07, 2024

  • 5.9

    MEDIUM
    CVE-2024-47345

    Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Brainstorm Force Starter Templates allows Stored XSS.This issue affects Starter Templates: from n/a through 4.4.0.... Read more

    Affected Products : starter_templates
    • Published: Oct. 06, 2024
    • Modified: Oct. 07, 2024

  • 7.1

    HIGH
    CVE-2024-47347

    Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Chart Builder Team Chartify allows Reflected XSS.This issue affects Chartify: from n/a through 2.7.6.... Read more

    Affected Products :
    • Published: Oct. 06, 2024
    • Modified: Oct. 07, 2024

  • 6.5

    MEDIUM
    CVE-2024-47642

    Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Keap Keap Official Opt-in Forms allows Stored XSS.This issue affects Keap Official Opt-in Forms: from n/a through 2.0.1.... Read more

    Affected Products : official_opt-in_forms
    • Published: Oct. 05, 2024
    • Modified: Oct. 07, 2024

  • 4.7

    MEDIUM
    CVE-2024-47646

    URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Payflex Payflex Payment Gateway.This issue affects Payflex Payment Gateway: from n/a through 2.6.1.... Read more

    Affected Products :
    • Published: Oct. 05, 2024
    • Modified: Oct. 07, 2024

  • 7.1

    HIGH
    CVE-2024-47352

    Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Xylus Themes WP Bulk Delete allows Reflected XSS.This issue affects WP Bulk Delete: from n/a through 1.3.1.... Read more

    Affected Products :
    • Published: Oct. 06, 2024
    • Modified: Oct. 07, 2024

  • 6.5

    MEDIUM
    CVE-2024-47393

    Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Quillforms Quill Forms allows Stored XSS.This issue affects Quill Forms: from n/a through 3.7.0.... Read more

    Affected Products :
    • Published: Oct. 05, 2024
    • Modified: Oct. 07, 2024

  • 7.1

    HIGH
    CVE-2024-47395

    Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Robokassa Robokassa payment gateway for Woocommerce allows Reflected XSS.This issue affects Robokassa payment gateway for Woocommerce: from n/a th... Read more

    Affected Products :
    • Published: Oct. 05, 2024
    • Modified: Oct. 07, 2024
Showing 20 of 292228 Results