Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 0.0

    NA
    CVE-2024-53105

    In the Linux kernel, the following vulnerability has been resolved: mm: page_alloc: move mlocked flag clearance into free_pages_prepare() Syzbot reported a bad page state problem caused by a page being freed using free_page() still having a mlocked flag... Read more

    Affected Products : linux_kernel
    • Published: Dec. 02, 2024
    • Modified: Dec. 14, 2024

  • 6.5

    MEDIUM
    CVE-2024-52503

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Tailored Web Services Tailored Tools allows Stored XSS.This issue affects Tailored Tools: from n/a through 1.8.4.... Read more

    Affected Products :
    • Published: Dec. 02, 2024
    • Modified: Dec. 02, 2024

  • 6.5

    MEDIUM
    CVE-2024-52502

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Imbasynergy ImbaChat allows DOM-Based XSS.This issue affects ImbaChat: from n/a through 3.1.4.... Read more

    Affected Products :
    • Published: Dec. 02, 2024
    • Modified: Dec. 02, 2024

  • 5.9

    MEDIUM
    CVE-2024-52494

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Matt Varone, Tim Berneman Dynamic "To Top" allows Stored XSS.This issue affects Dynamic "To Top": from 3.5.2 through n/a.... Read more

    Affected Products :
    • Published: Dec. 02, 2024
    • Modified: Dec. 02, 2024

  • 5.9

    MEDIUM
    CVE-2024-52493

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Josh Leuze Meteor Slides allows Stored XSS.This issue affects Meteor Slides: from n/a through 1.5.7.... Read more

    Affected Products : meteor_slides
    • Published: Dec. 02, 2024
    • Modified: Jun. 09, 2025

  • 5.9

    MEDIUM
    CVE-2024-52492

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Gopi Ramasamy Image horizontal reel scroll slideshow allows Stored XSS.This issue affects Image horizontal reel scroll slideshow: from n/a through 13.4.... Read more

    • Published: Dec. 02, 2024
    • Modified: Dec. 02, 2024

  • 5.9

    MEDIUM
    CVE-2024-52491

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Sanil Shakya Sticky Social Icons allows Stored XSS.This issue affects Sticky Social Icons: from n/a through 1.2.1.... Read more

    Affected Products : sticky_social_icons
    • Published: Dec. 02, 2024
    • Modified: Dec. 02, 2024

  • 5.9

    MEDIUM
    CVE-2024-52489

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Udi Dollberg Add Chat App Button allows Stored XSS.This issue affects Add Chat App Button: from n/a through 2.1.5.... Read more

    Affected Products :
    • Published: Dec. 02, 2024
    • Modified: Dec. 02, 2024

  • 6.5

    MEDIUM
    CVE-2024-52487

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WebCodingPlace Ultimate Classified Listings allows Stored XSS.This issue affects Ultimate Classified Listings: from n/a through 1.4.... Read more

    Affected Products : ultimate_classified_listings
    • Published: Dec. 02, 2024
    • Modified: Dec. 02, 2024

  • 6.5

    MEDIUM
    CVE-2024-52486

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in SolverWP Elementor Portfolio Builder allows DOM-Based XSS.This issue affects Elementor Portfolio Builder: from n/a through 1.0.0.... Read more

    Affected Products :
    • Published: Dec. 02, 2024
    • Modified: Dec. 02, 2024

  • 7.1

    HIGH
    CVE-2024-52484

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Subhasish Manna Wc Recently viewed products allows Reflected XSS.This issue affects Wc Recently viewed products: from n/a through 1.0.1.... Read more

    Affected Products :
    • Published: Dec. 02, 2024
    • Modified: Dec. 02, 2024

  • 7.1

    HIGH
    CVE-2024-52483

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Igor Benić LeanPress allows Reflected XSS.This issue affects LeanPress: from n/a through 1.0.0.... Read more

    Affected Products :
    • Published: Dec. 02, 2024
    • Modified: Dec. 02, 2024

  • 7.1

    HIGH
    CVE-2024-52482

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Ortto Ortto allows Reflected XSS.This issue affects Ortto: from n/a through 1.0.19.... Read more

    Affected Products :
    • Published: Dec. 02, 2024
    • Modified: Dec. 02, 2024

  • 8.8

    HIGH
    CVE-2024-52479

    Cross-Site Request Forgery (CSRF) vulnerability in Ben Marshall Jobify - Job Board WordPress Theme allows Cross Site Request Forgery.This issue affects Jobify - Job Board WordPress Theme: from n/a through 4.2.3.... Read more

    Affected Products : jobify
    • Published: Dec. 02, 2024
    • Modified: Feb. 10, 2025

  • 6.5

    MEDIUM
    CVE-2024-52478

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Ben Marshall Jobify - Job Board WordPress Theme allows Stored XSS.This issue affects Jobify - Job Board WordPress Theme: from n/a through 4.2.3.... Read more

    Affected Products : jobify
    • Published: Dec. 02, 2024
    • Modified: Feb. 10, 2025

  • 7.1

    HIGH
    CVE-2024-52477

    Cross-Site Request Forgery (CSRF) vulnerability in No-nonsense Labs Document & Data Automation allows Stored XSS.This issue affects Document & Data Automation: from n/a through 1.6.1.... Read more

    Affected Products :
    • Published: Dec. 02, 2024
    • Modified: Dec. 02, 2024

  • 10.0

    CRITICAL
    CVE-2024-52476

    Unrestricted Upload of File with Dangerous Type vulnerability in stefanbohacek Fediverse Embeds allows Upload a Web Shell to a Web Server.This issue affects Fediverse Embeds: from n/a through 1.5.3.... Read more

    Affected Products :
    • Published: Dec. 02, 2024
    • Modified: Dec. 02, 2024

  • 7.1

    HIGH
    CVE-2024-52469

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Dhrubok Infotech WooCommerce Price Alert allows Reflected XSS.This issue affects WooCommerce Price Alert: from n/a through 1.0.4.... Read more

    Affected Products :
    • Published: Dec. 02, 2024
    • Modified: Dec. 02, 2024

  • 7.1

    HIGH
    CVE-2024-52468

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in LeadBoxer LeadBoxer allows Reflected XSS.This issue affects LeadBoxer: from n/a through 1.2.... Read more

    Affected Products :
    • Published: Dec. 02, 2024
    • Modified: Dec. 02, 2024

  • 7.1

    HIGH
    CVE-2024-52467

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in August Infotech AI Responsive Gallery Album allows Reflected XSS.This issue affects AI Responsive Gallery Album: from n/a through 1.4.... Read more

    Affected Products :
    • Published: Dec. 02, 2024
    • Modified: Dec. 02, 2024
Showing 20 of 291638 Results