Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 6.5

    MEDIUM
    CVE-2024-53771

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Sergio Micó SimpleSchema allows DOM-Based XSS.This issue affects SimpleSchema: from n/a through 1.7.6.9.... Read more

    Affected Products :
    • Published: Nov. 30, 2024
    • Modified: Nov. 30, 2024

  • 6.5

    MEDIUM
    CVE-2024-53767

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Pixobe Pixobe Cartography allows DOM-Based XSS.This issue affects Pixobe Cartography: from n/a through 1.0.1.... Read more

    Affected Products :
    • Published: Nov. 30, 2024
    • Modified: Nov. 30, 2024

  • 6.5

    MEDIUM
    CVE-2024-53766

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Devnex Devnex Addons For Elementor allows DOM-Based XSS.This issue affects Devnex Addons For Elementor: from n/a through 1.0.8.... Read more

    Affected Products :
    • Published: Nov. 30, 2024
    • Modified: Nov. 30, 2024

  • 6.5

    MEDIUM
    CVE-2024-53764

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in SoftHopper Softtemplates For Elementor allows DOM-Based XSS.This issue affects Softtemplates For Elementor: from n/a through 1.0.8.... Read more

    Affected Products :
    • Published: Nov. 30, 2024
    • Modified: Nov. 30, 2024

  • 6.5

    MEDIUM
    CVE-2024-53763

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Rejuan Ahamed Best Addons for Elementor allows Stored XSS.This issue affects Best Addons for Elementor: from n/a through 1.0.5.... Read more

    Affected Products :
    • Published: Nov. 30, 2024
    • Modified: Nov. 30, 2024

  • 6.5

    MEDIUM
    CVE-2024-53760

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Capitalize My Title allows Stored XSS.This issue affects Capitalize My Title: from n/a through 0.5.3.... Read more

    Affected Products :
    • Published: Nov. 30, 2024
    • Modified: Nov. 30, 2024

  • 6.5

    MEDIUM
    CVE-2024-53758

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Terry Lin WP MathJax allows Stored XSS.This issue affects WP MathJax: from n/a through 1.0.1.... Read more

    Affected Products :
    • Published: Nov. 30, 2024
    • Modified: Nov. 30, 2024

  • 6.5

    MEDIUM
    CVE-2024-53757

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in SocialEvolution WP Find Your Nearest allows Stored XSS.This issue affects WP Find Your Nearest: from n/a through 0.3.1.... Read more

    Affected Products :
    • Published: Nov. 30, 2024
    • Modified: Nov. 30, 2024

  • 6.5

    MEDIUM
    CVE-2024-53756

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Aftab Husain Vertical Carousel allows Stored XSS.This issue affects Vertical Carousel: from n/a through 1.0.2.... Read more

    Affected Products :
    • Published: Nov. 30, 2024
    • Modified: Nov. 30, 2024

  • 5.9

    MEDIUM
    CVE-2024-53788

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Portfoliohub WordPress Portfolio Builder – Portfolio Gallery allows Stored XSS.This issue affects WordPress Portfolio Builder – Portfolio Gallery: from n... Read more

    Affected Products : portfoliohub uber-grid
    • Published: Nov. 30, 2024
    • Modified: Nov. 30, 2024

  • 6.5

    MEDIUM
    CVE-2024-53787

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in vinoth06 Random Banner allows Stored XSS.This issue affects Random Banner: from n/a through 4.2.9.... Read more

    Affected Products : random_banner
    • Published: Nov. 30, 2024
    • Modified: Nov. 30, 2024

  • 7.6

    HIGH
    CVE-2024-53783

    Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Anzia Ni WooCommerce Cost Of Goods allows SQL Injection.This issue affects Ni WooCommerce Cost Of Goods: from n/a through 3.2.8.... Read more

    Affected Products :
    • Published: Nov. 30, 2024
    • Modified: Nov. 30, 2024

  • 5.3

    MEDIUM
    CVE-2024-53768

    Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in IDE Interactive Content Audit Exporter allows Retrieve Embedded Sensitive Data.This issue affects Content Audit Exporter: from n/a through 1.1.... Read more

    Affected Products :
    • Published: Nov. 30, 2024
    • Modified: Nov. 30, 2024

  • 9.8

    CRITICAL
    CVE-2024-53739

    Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Cool Plugins Cryptocurrency Widgets For Elementor allows PHP Local File Inclusion.This issue affects Cryptocurrency Widgets For Elemen... Read more

    • Published: Nov. 30, 2024
    • Modified: Mar. 19, 2025

  • 4.4

    MEDIUM
    CVE-2024-53738

    Server-Side Request Forgery (SSRF) vulnerability in Gabe Livan Asset CleanUp: Page Speed Booster allows Server Side Request Forgery.This issue affects Asset CleanUp: Page Speed Booster: from n/a through 1.3.9.8.... Read more

    Affected Products : asset_cleanup
    • Published: Nov. 30, 2024
    • Modified: Nov. 30, 2024

  • 6.5

    MEDIUM
    CVE-2024-12002

    A vulnerability classified as problematic was found in Tenda FH451, FH1201, FH1202 and FH1206 up to 20241129. Affected by this vulnerability is the function websReadEvent of the file /goform/GetIPTV. The manipulation of the argument Content-Length leads t... Read more

    • Published: Nov. 30, 2024
    • Modified: Dec. 10, 2024

  • 5.4

    MEDIUM
    CVE-2024-12001

    A vulnerability classified as problematic has been found in code-projects Wazifa System 1.0. Affected is an unknown function of the file /controllers/updatesettings.php of the component Setting Handler. The manipulation of the argument firstname leads to ... Read more

    Affected Products : wazifa_system
    • Published: Nov. 30, 2024
    • Modified: Dec. 10, 2024

  • 5.4

    MEDIUM
    CVE-2024-12000

    A vulnerability was found in code-projects Blood Bank System 1.0. It has been rated as problematic. This issue affects some unknown processing of the file /controllers/updatesettings.php of the component Setting Handler. The manipulation of the argument f... Read more

    Affected Products : blood_bank_system blood_bank_system
    • Published: Nov. 30, 2024
    • Modified: Dec. 10, 2024

  • 7.5

    HIGH
    CVE-2024-11998

    A vulnerability was found in code-projects Farmacia 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /visualizer-forneccedor.chp. The manipulation of the argument id leads to sql injection. The attack can be initi... Read more

    Affected Products : farmacia farmacia farmacia
    • Published: Nov. 30, 2024
    • Modified: Dec. 04, 2024

  • 5.4

    MEDIUM
    CVE-2024-11997

    A vulnerability was found in code-projects Farmacia 1.0. It has been classified as problematic. This affects an unknown part of the file /vendas.php. The manipulation of the argument notaFiscal leads to cross site scripting. It is possible to initiate the... Read more

    Affected Products : farmacia farmacia farmacia
    • Published: Nov. 30, 2024
    • Modified: Dec. 04, 2024
Showing 20 of 291551 Results