Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 7.1

    HIGH
    CVE-2024-54341

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in LabelGrid LabelGrid Tools allows Reflected XSS.This issue affects LabelGrid Tools: from n/a through 1.3.58.... Read more

    Affected Products :
    • Published: Dec. 13, 2024
    • Modified: Dec. 13, 2024

  • 7.1

    HIGH
    CVE-2024-54340

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Sylvia van Os Simple Presenter allows Reflected XSS.This issue affects Simple Presenter: from n/a through 1.5.1.... Read more

    Affected Products :
    • Published: Dec. 13, 2024
    • Modified: Dec. 13, 2024

  • 7.1

    HIGH
    CVE-2024-54339

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in jbd7 geoFlickr allows Reflected XSS.This issue affects geoFlickr: from n/a through 1.3.... Read more

    Affected Products :
    • Published: Dec. 13, 2024
    • Modified: Dec. 13, 2024

  • 6.5

    MEDIUM
    CVE-2024-54338

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Christer Fernstrom Hello Event Widgets For Elementor allows DOM-Based XSS.This issue affects Hello Event Widgets For Elementor: from n/a through 1.0.2.... Read more

    Affected Products :
    • Published: Dec. 13, 2024
    • Modified: Dec. 13, 2024

  • 7.1

    HIGH
    CVE-2024-54337

    Cross-Site Request Forgery (CSRF) vulnerability in DevriX DX Dark Site allows Stored XSS.This issue affects DX Dark Site: from n/a through 1.0.1.... Read more

    Affected Products :
    • Published: Dec. 13, 2024
    • Modified: Dec. 13, 2024

  • 8.8

    HIGH
    CVE-2024-54336

    Authentication Bypass Using an Alternate Path or Channel vulnerability in Projectopia Projectopia allows Authentication Bypass.This issue affects Projectopia: from n/a through 5.1.7.... Read more

    Affected Products : projectopia
    • Published: Dec. 13, 2024
    • Modified: Dec. 13, 2024

  • 7.1

    HIGH
    CVE-2024-54335

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ZebraSoft Monaco ImmoToolBox Connect allows Reflected XSS.This issue affects ImmoToolBox Connect: from n/a through 1.3.3.... Read more

    Affected Products :
    • Published: Dec. 13, 2024
    • Modified: Dec. 13, 2024

  • 6.5

    MEDIUM
    CVE-2024-54334

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Zeshan B Quran Phrases About Most People Shortcodes allows DOM-Based XSS.This issue affects Quran Phrases About Most People Shortcodes: from n/a through ... Read more

    Affected Products :
    • Published: Dec. 13, 2024
    • Modified: Dec. 13, 2024

  • 7.1

    HIGH
    CVE-2024-54333

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in silverplugins217 Check Pincode For Woocommerce allows Reflected XSS.This issue affects Check Pincode For Woocommerce: from n/a through 1.1.... Read more

    Affected Products :
    • Published: Dec. 13, 2024
    • Modified: Dec. 13, 2024

  • 7.2

    HIGH
    CVE-2024-54330

    Server-Side Request Forgery (SSRF) vulnerability in Hep Hep Hurra (HHH) Hurrakify allows Server Side Request Forgery.This issue affects Hurrakify: from n/a through 2.4.... Read more

    Affected Products :
    • Published: Dec. 13, 2024
    • Modified: Dec. 13, 2024

  • 7.1

    HIGH
    CVE-2024-54329

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Metup s.r.l. CleverNode Related Content allows Reflected XSS.This issue affects CleverNode Related Content: from n/a through 1.1.5.... Read more

    Affected Products :
    • Published: Dec. 13, 2024
    • Modified: Dec. 13, 2024

  • 7.1

    HIGH
    CVE-2024-54328

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Link Nacional Invoice Payment for WooCommerce allows Reflected XSS.This issue affects Invoice Payment for WooCommerce: from n/a through 1.7.2.... Read more

    Affected Products :
    • Published: Dec. 13, 2024
    • Modified: Dec. 13, 2024

  • 7.1

    HIGH
    CVE-2024-54327

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in universam UNIVERSAM allows Reflected XSS.This issue affects UNIVERSAM: from n/a through n/a.... Read more

    Affected Products :
    • Published: Dec. 13, 2024
    • Modified: Dec. 13, 2024

  • 6.5

    MEDIUM
    CVE-2024-54326

    Missing Authorization vulnerability in Eyal Fitoussi GEO my WordPress allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects GEO my WordPress: from n/a through 4.5.0.4.... Read more

    Affected Products : geo_my_wordpress
    • Published: Dec. 13, 2024
    • Modified: Dec. 13, 2024

  • 7.1

    HIGH
    CVE-2024-54325

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in DealerTrend CarDealerPress allows Reflected XSS.This issue affects CarDealerPress: from n/a through 6.6.2410.02.... Read more

    Affected Products :
    • Published: Dec. 13, 2024
    • Modified: Dec. 13, 2024

  • 7.1

    HIGH
    CVE-2024-54324

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Cloud Inn SMSify allows Reflected XSS.This issue affects SMSify: from n/a through 6.0.4.... Read more

    Affected Products :
    • Published: Dec. 13, 2024
    • Modified: Dec. 13, 2024

  • 5.4

    MEDIUM
    CVE-2024-54323

    Missing Authorization vulnerability in WPExpertsio New User Approve allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects New User Approve: from n/a through 2.6.2.... Read more

    Affected Products : new_user_approve
    • Published: Dec. 13, 2024
    • Modified: Dec. 13, 2024

  • 7.1

    HIGH
    CVE-2024-54322

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Ederson Peka Media Downloader allows Reflected XSS.This issue affects Media Downloader: from n/a through 0.4.7.4.... Read more

    Affected Products : media_downloader
    • Published: Dec. 13, 2024
    • Modified: Dec. 13, 2024

  • 4.3

    MEDIUM
    CVE-2024-54321

    Cross-Site Request Forgery (CSRF) vulnerability in Hive Support Hive Support – WordPress Help Desk allows Cross Site Request Forgery.This issue affects Hive Support – WordPress Help Desk: from n/a through 1.1.2.... Read more

    Affected Products :
    • Published: Dec. 13, 2024
    • Modified: Dec. 13, 2024

  • 7.1

    HIGH
    CVE-2024-54320

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ICDSoft Hosting ICDSoft Reseller Store allows Reflected XSS.This issue affects ICDSoft Reseller Store: from n/a through 2.4.5.... Read more

    Affected Products :
    • Published: Dec. 13, 2024
    • Modified: Dec. 13, 2024
Showing 20 of 292758 Results