Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 7.1

    HIGH
    CVE-2024-54403

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Ryan Scott Visual Recent Posts allows Reflected XSS.This issue affects Visual Recent Posts: from n/a through 1.2.3.... Read more

    Affected Products :
    • Published: Dec. 16, 2024
    • Modified: Dec. 16, 2024

  • 4.3

    MEDIUM
    CVE-2024-54402

    Missing Authorization vulnerability in Jozoor Arabic Webfonts allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Arabic Webfonts: from n/a through 1.4.6.... Read more

    Affected Products :
    • Published: Dec. 16, 2024
    • Modified: Dec. 16, 2024

  • 7.1

    HIGH
    CVE-2024-54401

    Cross-Site Request Forgery (CSRF) vulnerability in Turcu Ciprian Advanced Fancybox allows Stored XSS.This issue affects Advanced Fancybox: from n/a through 1.1.1.... Read more

    Affected Products :
    • Published: Dec. 16, 2024
    • Modified: Dec. 16, 2024

  • 7.1

    HIGH
    CVE-2024-54400

    Cross-Site Request Forgery (CSRF) vulnerability in MELONIQ.NET AppMaps allows Stored XSS.This issue affects AppMaps: from n/a through 1.1.... Read more

    Affected Products :
    • Published: Dec. 16, 2024
    • Modified: Dec. 16, 2024

  • 7.1

    HIGH
    CVE-2024-54399

    Cross-Site Request Forgery (CSRF) vulnerability in CRUDLab CRUDLab Google Plus Button allows Stored XSS.This issue affects CRUDLab Google Plus Button: from n/a through 1.0.2.... Read more

    Affected Products :
    • Published: Dec. 16, 2024
    • Modified: Dec. 16, 2024

  • 7.1

    HIGH
    CVE-2024-54398

    Cross-Site Request Forgery (CSRF) vulnerability in Project Caruso Flaming Forms allows Stored XSS.This issue affects Flaming Forms: from n/a through 1.0.1.... Read more

    Affected Products : flaming_forms
    • Published: Dec. 16, 2024
    • Modified: Dec. 16, 2024

  • 7.1

    HIGH
    CVE-2024-54397

    Cross-Site Request Forgery (CSRF) vulnerability in Antonio Gocaj Go Animate allows Stored XSS.This issue affects Go Animate: from n/a through 1.0.... Read more

    Affected Products :
    • Published: Dec. 16, 2024
    • Modified: Dec. 16, 2024

  • 4.3

    MEDIUM
    CVE-2024-54396

    Cross-Site Request Forgery (CSRF) vulnerability in Ryan Bet sport Free allows Cross Site Request Forgery.This issue affects Bet sport Free: from n/a through 1.0.0.... Read more

    Affected Products :
    • Published: Dec. 16, 2024
    • Modified: Dec. 16, 2024

  • 7.1

    HIGH
    CVE-2024-54395

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Becky Sanders Increase Sociability allows Reflected XSS.This issue affects Increase Sociability: from n/a through 1.3.0.... Read more

    Affected Products :
    • Published: Dec. 16, 2024
    • Modified: Dec. 16, 2024

  • 7.1

    HIGH
    CVE-2024-54394

    Cross-Site Request Forgery (CSRF) vulnerability in Web solution soft Mandrill WP allows Stored XSS.This issue affects Mandrill WP: from n/a through 1.0.5.... Read more

    Affected Products :
    • Published: Dec. 16, 2024
    • Modified: Dec. 16, 2024

  • 7.1

    HIGH
    CVE-2024-54393

    Cross-Site Request Forgery (CSRF) vulnerability in Sheikh Heera WP Fiddle allows Stored XSS.This issue affects WP Fiddle: from n/a through 1.0.... Read more

    Affected Products :
    • Published: Dec. 16, 2024
    • Modified: Dec. 16, 2024

  • 7.1

    HIGH
    CVE-2024-54392

    Cross-Site Request Forgery (CSRF) vulnerability in Midoks WP微信机器人 allows Stored XSS.This issue affects WP微信机器人: from n/a through 5.3.5.... Read more

    Affected Products :
    • Published: Dec. 16, 2024
    • Modified: Dec. 16, 2024

  • 7.1

    HIGH
    CVE-2024-54391

    Cross-Site Request Forgery (CSRF) vulnerability in Matt Walters WordPress Filter allows Stored XSS.This issue affects WordPress Filter: from n/a through 1.4.1.... Read more

    Affected Products :
    • Published: Dec. 16, 2024
    • Modified: Dec. 16, 2024

  • 7.1

    HIGH
    CVE-2024-54390

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Bouzid Nazim Zitouni TagGator allows Reflected XSS.This issue affects TagGator: from n/a through 1.54.... Read more

    Affected Products :
    • Published: Dec. 16, 2024
    • Modified: Dec. 16, 2024

  • 7.1

    HIGH
    CVE-2024-54389

    Cross-Site Request Forgery (CSRF) vulnerability in Eduardo Chiaro addWeather allows Cross Site Request Forgery.This issue affects addWeather: from n/a through 2.5.1.... Read more

    Affected Products :
    • Published: Dec. 16, 2024
    • Modified: Dec. 16, 2024

  • 7.1

    HIGH
    CVE-2024-54388

    Cross-Site Request Forgery (CSRF) vulnerability in Phuc Pham Multiple Admin Emails allows Cross Site Request Forgery.This issue affects Multiple Admin Emails: from n/a through 1.0.... Read more

    Affected Products :
    • Published: Dec. 16, 2024
    • Modified: Dec. 16, 2024

  • 7.1

    HIGH
    CVE-2024-54387

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Jaytesh Barange Posts Date Ranges allows Reflected XSS.This issue affects Posts Date Ranges: from n/a through 2.2.... Read more

    Affected Products :
    • Published: Dec. 16, 2024
    • Modified: Dec. 16, 2024

  • 7.1

    HIGH
    CVE-2024-54386

    Cross-Site Request Forgery (CSRF) vulnerability in Get Push Monkey LLC Push Monkey Pro – Web Push Notifications and WooCommerce Abandoned Cart allows Cross Site Request Forgery.This issue affects Push Monkey Pro – Web Push Notifications and WooCommerce Ab... Read more

    Affected Products :
    • Published: Dec. 16, 2024
    • Modified: Dec. 16, 2024

  • 7.2

    HIGH
    CVE-2024-54385

    Server-Side Request Forgery (SSRF) vulnerability in SoftLab Radio Player allows Server Side Request Forgery.This issue affects Radio Player: from n/a through 2.0.82.... Read more

    Affected Products : radio_player
    • Published: Dec. 16, 2024
    • Modified: Dec. 16, 2024

  • 4.3

    MEDIUM
    CVE-2024-54384

    Missing Authorization vulnerability in eLightUp Falcon – WordPress Optimizations & Tweaks allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Falcon – WordPress Optimizations & Tweaks: from n/a through 2.8.3.... Read more

    Affected Products :
    • Published: Dec. 16, 2024
    • Modified: Dec. 16, 2024
Showing 20 of 292714 Results