Latest CVE Feed

Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 7.1

    CVSS31
    CVE-2024-43971

    Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WP Sunshine Sunshine Photo Cart allows Reflected XSS.This issue affects Sunshine Photo Cart: from n/a through 3.2.5.... Read more

    Affected Products : sunshine_photo_cart
    • Published: Sep. 18, 2024
    • Modified: Sep. 18, 2024

  • 7.1

    CVSS31
    CVE-2024-43970

    Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in SureCart allows Reflected XSS.This issue affects SureCart: from n/a through 2.29.3.... Read more

    Affected Products :
    • Published: Sep. 18, 2024
    • Modified: Sep. 18, 2024

  • 6.5

    CVSS31
    CVE-2024-45452

    Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in CryoutCreations Septera septera allows Stored XSS.This issue affects Septera: from n/a through 1.5.1.... Read more

    Affected Products :
    • Published: Sep. 17, 2024
    • Modified: Sep. 17, 2024

  • 6.5

    CVSS31
    CVE-2024-45451

    Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in CryoutCreations Roseta allows Stored XSS.This issue affects Roseta: from n/a through 1.3.0.... Read more

    Affected Products :
    • Published: Sep. 17, 2024
    • Modified: Sep. 17, 2024

  • 7.1

    CVSS31
    CVE-2024-44064

    Cross-Site Request Forgery (CSRF) vulnerability in LikeBtn Like Button Rating allows Cross-Site Scripting (XSS).This issue affects Like Button Rating: from n/a through 2.6.54.... Read more

    Affected Products :
    • Published: Sep. 17, 2024
    • Modified: Sep. 17, 2024

  • 6.5

    CVSS31
    CVE-2024-44051

    Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Johan van der Wijk Content Blocks (Custom Post Widget) allows Stored XSS.This issue affects Content Blocks (Custom Post Widget): from n/a through ... Read more

    Affected Products :
    • Published: Sep. 17, 2024
    • Modified: Sep. 17, 2024

  • 6.5

    CVSS31
    CVE-2024-44050

    Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in CryoutCreations Verbosa allows Stored XSS.This issue affects Verbosa: from n/a through 1.2.3.... Read more

    Affected Products :
    • Published: Sep. 17, 2024
    • Modified: Sep. 17, 2024

  • 6.5

    CVSS31
    CVE-2024-44049

    Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in ThemeHunk Gutenberg Blocks – Unlimited blocks For Gutenberg allows Stored XSS.This issue affects Gutenberg Blocks – Unlimited blocks For Gutenberg... Read more

    Affected Products :
    • Published: Sep. 17, 2024
    • Modified: Sep. 17, 2024

  • 6.5

    CVSS31
    CVE-2024-44047

    Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in IDX Broker IMPress for IDX Broker allows Stored XSS.This issue affects IMPress for IDX Broker: from n/a through 3.2.2.... Read more

    Affected Products :
    • Published: Sep. 17, 2024
    • Modified: Sep. 17, 2024

  • 7.1

    CVSS31
    CVE-2024-44009

    Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WC Lovers WCFM Marketplace allows Reflected XSS.This issue affects WCFM Marketplace: from n/a through 3.6.10.... Read more

    Affected Products :
    • Published: Sep. 17, 2024
    • Modified: Sep. 17, 2024

  • 6.5

    CVSS31
    CVE-2024-44008

    Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Dylan Kuhn Geo Mashup allows Stored XSS.This issue affects Geo Mashup: from n/a through 1.13.12.... Read more

    Affected Products :
    • Published: Sep. 17, 2024
    • Modified: Sep. 17, 2024

  • 7.1

    CVSS31
    CVE-2024-44007

    Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in SKT Themes SKT Templates – Elementor & Gutenberg templates allows Reflected XSS.This issue affects SKT Templates – Elementor & Gutenberg templates... Read more

    Affected Products :
    • Published: Sep. 17, 2024
    • Modified: Sep. 17, 2024

  • 9.3

    CVSS31
    CVE-2024-44004

    Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in WPTaskForce WPCargo Track & Trace allows SQL Injection.This issue affects WPCargo Track & Trace: from n/a through 7.0.6.... Read more

    Affected Products :
    • Published: Sep. 17, 2024
    • Modified: Sep. 17, 2024

  • 5.9

    CVSS31
    CVE-2024-43985

    Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in MagePeople Team Bus Ticket Booking with Seat Reservation allows Stored XSS.This issue affects Bus Ticket Booking with Seat Reservation: from n/a t... Read more

    Affected Products :
    • Published: Sep. 17, 2024
    • Modified: Sep. 17, 2024

  • 9.3

    CVSS31
    CVE-2024-43978

    Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in highwarden Super Store Finder allows SQL Injection.This issue affects Super Store Finder: from n/a before 6.9.8.... Read more

    Affected Products :
    • Published: Sep. 17, 2024
    • Modified: Sep. 17, 2024

  • 6.5

    CVSS31
    CVE-2024-43977

    Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in POSIMYTH The Plus Addons for Elementor Page Builder Lite allows Stored XSS.This issue affects The Plus Addons for Elementor Page Builder Lite: fro... Read more

    Affected Products : the_plus_addons_for_elementor
    • Published: Sep. 17, 2024
    • Modified: Sep. 17, 2024

  • 9.3

    CVSS31
    CVE-2024-43976

    Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in highwarden Super Store Finder allows SQL Injection.This issue affects Super Store Finder: from n/a through 6.9.7.... Read more

    Affected Products :
    • Published: Sep. 17, 2024
    • Modified: Sep. 17, 2024

  • 7.6

    CVSS31
    CVE-2024-43969

    Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Spiffy Plugins Spiffy Calendar allows SQL Injection.This issue affects Spiffy Calendar: from n/a through 4.9.12.... Read more

    Affected Products : spiffy_calendar
    • Published: Sep. 17, 2024
    • Modified: Sep. 17, 2024

  • 6.5

    CVSS31
    CVE-2024-43938

    Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Jeroen Peters Name Directory allows Reflected XSS.This issue affects Name Directory: from n/a through 1.29.0.... Read more

    Affected Products : name_directory
    • Published: Sep. 17, 2024
    • Modified: Sep. 17, 2024

  • 5.9

    CVSS31
    CVE-2024-37985

    Windows Kernel Information Disclosure Vulnerability... Read more

    Affected Products : windows_11_22h2 windows_11_23h2
    • Published: Sep. 17, 2024
    • Modified: Sep. 17, 2024
Showing 20 of 320 Results