Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 6.5

    MEDIUM
    CVE-2024-43262

    Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in webriti Busiprof allows Stored XSS.This issue affects Busiprof: from n/a through 2.4.8.... Read more

    Affected Products :
    • Published: Aug. 18, 2024
    • Modified: Aug. 19, 2024

  • 6.5

    MEDIUM
    CVE-2024-43307

    Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Gordon Böhme, Antonio Leutsch Structured Content allows Stored XSS.This issue affects Structured Content: from n/a through 1.6.2.... Read more

    Affected Products :
    • Published: Aug. 18, 2024
    • Modified: Aug. 19, 2024

  • 7.1

    HIGH
    CVE-2024-43279

    Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Tribulant Newsletters allows Reflected XSS.This issue affects Newsletters: from n/a through 4.9.8.... Read more

    Affected Products : newsletters
    • Published: Aug. 18, 2024
    • Modified: Aug. 19, 2024

  • 6.5

    MEDIUM
    CVE-2024-43353

    Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in myCred allows Stored XSS.This issue affects myCred: from n/a through 2.7.2.... Read more

    Affected Products : mycred
    • Published: Aug. 18, 2024
    • Modified: Aug. 19, 2024

  • 6.5

    MEDIUM
    CVE-2024-43349

    Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in AREOI All Bootstrap Blocks allows Stored XSS.This issue affects All Bootstrap Blocks: from n/a through 1.3.19.... Read more

    Affected Products : all_bootstrap_blocks
    • Published: Aug. 18, 2024
    • Modified: Aug. 19, 2024

  • 5.9

    MEDIUM
    CVE-2024-39666

    Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Automattic WooCommerce.This issue affects WooCommerce: from n/a through 9.1.2.... Read more

    Affected Products : woocommerce
    • Published: Aug. 18, 2024
    • Modified: Aug. 19, 2024

  • 0.0

    NA
    CVE-2024-43830

    In the Linux kernel, the following vulnerability has been resolved: leds: trigger: Unregister sysfs attributes before calling deactivate() Triggers which have trigger specific sysfs attributes typically store related data in trigger-data allocated by th... Read more

    Affected Products : linux_kernel
    • Published: Aug. 17, 2024
    • Modified: Aug. 19, 2024

  • 7.1

    HIGH
    CVE-2024-43241

    Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in azzaroco Ultimate Membership Pro allows Reflected XSS.This issue affects Ultimate Membership Pro: from n/a through 12.6.... Read more

    Affected Products : ultimate_membership_pro
    • Published: Aug. 18, 2024
    • Modified: Aug. 19, 2024

  • 6.4

    MEDIUM
    CVE-2024-7703

    The ARMember – Membership Plugin, Content Restriction, Member Levels, User Profile & User signup plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 4.0.37 due to insufficient input ... Read more

    Affected Products : armember
    • Published: Aug. 17, 2024
    • Modified: Aug. 19, 2024

  • 6.5

    MEDIUM
    CVE-2024-43320

    Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Livemesh Livemesh Addons for WPBakery Page Builder addons-for-visual-composer allows Stored XSS.This issue affects Livemesh Addons for WPBakery Pa... Read more

    Affected Products : wpbakery_page_builder_addons
    • Published: Aug. 18, 2024
    • Modified: Aug. 19, 2024

  • 7.1

    HIGH
    CVE-2024-43348

    Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Iznyn Purity Of Soul allows Reflected XSS.This issue affects Purity Of Soul: from n/a through 1.9.... Read more

    Affected Products :
    • Published: Aug. 18, 2024
    • Modified: Aug. 19, 2024

  • 7.1

    HIGH
    CVE-2024-43306

    Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WP-Lister Lite for eBay allows Reflected XSS.This issue affects WP-Lister Lite for eBay: from n/a through 3.6.0.... Read more

    Affected Products :
    • Published: Aug. 18, 2024
    • Modified: Aug. 19, 2024

  • 7.2

    HIGH
    CVE-2023-3416

    The tagDiv Opt-In Builder plugin is vulnerable to Blind SQL Injection via the 'subscriptionCouponId' parameter via the 'create_stripe_subscription' REST API endpoint in versions up to, and including, 1.4.4 due to insufficient escaping on the user supplied... Read more

    Affected Products :
    • Published: Aug. 17, 2024
    • Modified: Aug. 19, 2024

  • 6.5

    MEDIUM
    CVE-2024-43284

    Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WP Travel WP Travel Gutenberg Blocks allows Stored XSS.This issue affects WP Travel Gutenberg Blocks: from n/a through 3.5.1.... Read more

    Affected Products :
    • Published: Aug. 18, 2024
    • Modified: Aug. 19, 2024

  • 0.0

    NA
    CVE-2024-42266

    In the Linux kernel, the following vulnerability has been resolved: btrfs: make cow_file_range_inline() honor locked_page on error The btrfs buffered write path runs through __extent_writepage() which has some tricky return value handling for writepage_... Read more

    Affected Products : linux_kernel
    • Published: Aug. 17, 2024
    • Modified: Aug. 19, 2024

  • 6.5

    MEDIUM
    CVE-2024-43278

    Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Phi Phan Meta Field Block allows Stored XSS.This issue affects Meta Field Block: from n/a through 1.2.13.... Read more

    Affected Products :
    • Published: Aug. 18, 2024
    • Modified: Aug. 19, 2024

  • 5.9

    MEDIUM
    CVE-2024-43291

    Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in voidCoders Void Contact Form 7 Widget For Elementor Page Builder allows Stored XSS.This issue affects Void Contact Form 7 Widget For Elementor Pag... Read more

    • Published: Aug. 18, 2024
    • Modified: Aug. 19, 2024

  • 8.5

    HIGH
    CVE-2024-43207

    Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Valiano Unite Gallery Lite.This issue affects Unite Gallery Lite: from n/a through 1.7.62.... Read more

    Affected Products : unite_gallery_lite
    • Published: Aug. 18, 2024
    • Modified: Aug. 19, 2024

  • 7.1

    HIGH
    CVE-2024-43246

    Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in creativeon WHMpress allows Reflected XSS.This issue affects WHMpress: from n/a through 6.2-revision-5.... Read more

    Affected Products :
    • Published: Aug. 18, 2024
    • Modified: Aug. 19, 2024

  • 6.5

    MEDIUM
    CVE-2024-43267

    Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Qamar Sheeraz, Nasir Ahmad, GenialSouls Mega Addons For Elementor allows Stored XSS.This issue affects Mega Addons For Elementor: from n/a through... Read more

    Affected Products :
    • Published: Aug. 18, 2024
    • Modified: Aug. 19, 2024
Showing 20 of 294073 Results