Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 7.1

    HIGH
    CVE-2024-52463

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Kat Hagan Post By Email allows Reflected XSS.This issue affects Post By Email: from n/a through 1.0.4b.... Read more

    Affected Products :
    • Published: Dec. 02, 2024
    • Modified: Dec. 02, 2024

  • 7.1

    HIGH
    CVE-2024-52462

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Jacob Schwartz WP e-Commerce Style Email allows Reflected XSS.This issue affects WP e-Commerce Style Email: from n/a through 0.6.2.... Read more

    Affected Products :
    • Published: Dec. 02, 2024
    • Modified: Dec. 02, 2024

  • 7.1

    HIGH
    CVE-2024-52461

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Kinsta WordPress Hosting Infinite Slider allows Reflected XSS.This issue affects Infinite Slider: from n/a through 2.0.1.... Read more

    Affected Products :
    • Published: Dec. 02, 2024
    • Modified: Dec. 02, 2024

  • 7.1

    HIGH
    CVE-2024-52460

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in AtaraPay AtaraPay WooCommerce Payment Gateway allows Reflected XSS.This issue affects AtaraPay WooCommerce Payment Gateway: from n/a through 2.0.13.... Read more

    Affected Products :
    • Published: Dec. 02, 2024
    • Modified: Dec. 02, 2024

  • 7.1

    HIGH
    CVE-2024-52459

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Chameleoni.Com Chameleoni Jobs chameleon-jobs allows Reflected XSS.This issue affects Chameleoni Jobs: from n/a through 2.5.4.... Read more

    Affected Products :
    • Published: Dec. 02, 2024
    • Modified: Apr. 30, 2025

  • 7.1

    HIGH
    CVE-2024-52458

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Templines TM Islamic Helper allows Reflected XSS.This issue affects TM Islamic Helper: from n/a through 1.0.1.... Read more

    Affected Products :
    • Published: Dec. 02, 2024
    • Modified: Dec. 02, 2024

  • 7.1

    HIGH
    CVE-2024-52457

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Youneeq Youneeq Recommendations allows Reflected XSS.This issue affects Youneeq Recommendations: from n/a through 3.0.7.... Read more

    Affected Products :
    • Published: Dec. 02, 2024
    • Modified: Dec. 02, 2024

  • 7.1

    HIGH
    CVE-2024-52456

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPoets Awesome Studio allows Reflected XSS.This issue affects Awesome Studio: from n/a through 2.4.4.... Read more

    Affected Products :
    • Published: Dec. 02, 2024
    • Modified: Dec. 02, 2024

  • 7.1

    HIGH
    CVE-2024-52455

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in GoQSystem Inc. GoQSmile allows Reflected XSS.This issue affects GoQSmile: from n/a through 1.0.1.... Read more

    Affected Products :
    • Published: Dec. 02, 2024
    • Modified: Dec. 02, 2024

  • 7.1

    HIGH
    CVE-2024-52454

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in GoQSystem Inc. GoQMieruca allows Reflected XSS.This issue affects GoQMieruca: from n/a through 1.0.0.... Read more

    Affected Products :
    • Published: Dec. 02, 2024
    • Modified: Dec. 02, 2024

  • 7.1

    HIGH
    CVE-2024-52453

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Jon Lorang Library Bookshelves allows Reflected XSS.This issue affects Library Bookshelves: from n/a through 5.8.... Read more

    Affected Products :
    • Published: Dec. 02, 2024
    • Modified: Dec. 02, 2024

  • 7.1

    HIGH
    CVE-2024-52452

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in eduNEXT Open edX LMS allows Reflected XSS.This issue affects Open edX LMS: from n/a through 2.6.1.... Read more

    Affected Products :
    • Published: Dec. 02, 2024
    • Modified: Dec. 02, 2024

  • 5.9

    MEDIUM
    CVE-2024-51900

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Richard K Miller What Would Seth Godin Do allows Stored XSS.This issue affects What Would Seth Godin Do: from n/a through 2.1.1.... Read more

    Affected Products :
    • Published: Dec. 02, 2024
    • Modified: Dec. 02, 2024

  • 7.7

    HIGH
    CVE-2024-12015

    The 'Project Manager' WordPress Plugin is affected by an authenticated SQL injection vulnerability in the 'orderby' parameter in the '/pm/v2/activites' route.... Read more

    Affected Products : wp_project_manager
    • Published: Dec. 02, 2024
    • Modified: Dec. 02, 2024

  • 7.8

    HIGH
    CVE-2024-43053

    Memory corruption while invoking IOCTL calls from user space to read WLAN target diagnostic information.... Read more

    • Published: Dec. 02, 2024
    • Modified: Dec. 12, 2024

  • 7.8

    HIGH
    CVE-2024-43052

    Memory corruption while processing API calls to NPU with invalid input.... Read more

    • Published: Dec. 02, 2024
    • Modified: Dec. 12, 2024

  • 7.8

    HIGH
    CVE-2024-43050

    Memory corruption while invoking IOCTL calls from user space to issue factory test command inside WLAN driver.... Read more

    • Published: Dec. 02, 2024
    • Modified: Dec. 12, 2024

  • 7.8

    HIGH
    CVE-2024-43049

    Memory corruption while invoking IOCTL calls from user space to set generic private command inside WLAN driver.... Read more

    • Published: Dec. 02, 2024
    • Modified: Dec. 12, 2024

  • 7.8

    HIGH
    CVE-2024-43048

    Memory corruption when invalid input is passed to invoke GPU Headroom API call.... Read more

    • Published: Dec. 02, 2024
    • Modified: Dec. 12, 2024

  • 7.5

    HIGH
    CVE-2024-33063

    Transient DOS while parsing the ML IE when a beacon with common info length of the ML IE greater than the ML IE inside which this element is present.... Read more

    • Published: Dec. 02, 2024
    • Modified: Dec. 12, 2024
Showing 20 of 291615 Results