Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.1

    MEDIUM
    CVE-2024-10840

    A vulnerability classified as problematic has been found in romadebrian WEB-Sekolah 1.0. Affected is an unknown function of the file /Admin/akun_edit.php of the component Backend. The manipulation of the argument kode leads to cross site scripting. It is ... Read more

    Affected Products : web-sekolah
    • Published: Nov. 05, 2024
    • Modified: Nov. 06, 2024

  • 7.3

    HIGH
    CVE-2024-10263

    The Tickera – WordPress Event Ticketing plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 3.5.4.4. This is due to the software allowing users to execute an action that does not properly validate a va... Read more

    Affected Products : tickera
    • Published: Nov. 05, 2024
    • Modified: Nov. 08, 2024

  • 5.4

    MEDIUM
    CVE-2024-9867

    The Element Pack Elementor Addons (Header Footer, Template Library, Dynamic Grid & Carousel, Remote Arrows) plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'Open Map Widget' marker_content parameter in all versions up to, and inc... Read more

    Affected Products : element_pack
    • Published: Nov. 05, 2024
    • Modified: Nov. 08, 2024

  • 6.5

    MEDIUM
    CVE-2024-9657

    The Element Pack Elementor Addons (Header Footer, Template Library, Dynamic Grid & Carousel, Remote Arrows) plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘tooltip' parameter in all versions up to, and including, 5.10.2 due to i... Read more

    Affected Products : element_pack
    • Published: Nov. 05, 2024
    • Modified: Nov. 08, 2024

  • 6.6

    MEDIUM
    CVE-2024-51530

    LaunchAnywhere vulnerability in the account module Impact: Successful exploitation of this vulnerability may affect service confidentiality.... Read more

    Affected Products : emui harmonyos
    • Published: Nov. 05, 2024
    • Modified: Nov. 07, 2024

  • 5.5

    MEDIUM
    CVE-2024-51529

    Data verification vulnerability in the battery module Impact: Successful exploitation of this vulnerability may affect function stability.... Read more

    Affected Products : emui harmonyos
    • Published: Nov. 05, 2024
    • Modified: Nov. 07, 2024

  • 6.4

    MEDIUM
    CVE-2024-9178

    The XT Floating Cart for WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 2.8.2 due to insufficient input sanitization and output escaping. This makes it possible for ... Read more

    Affected Products : xt_floating_cart_for_woocommerce
    • Published: Nov. 05, 2024
    • Modified: Nov. 08, 2024

  • 4.3

    MEDIUM
    CVE-2024-10319

    The 140+ Widgets | Xpro Addons For Elementor – FREE plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.4.6 via the render function in widgets/content-toggle/layout/frontend.php. This makes it possi... Read more

    Affected Products : xpro_addons_for_elementor
    • Published: Nov. 05, 2024
    • Modified: Nov. 08, 2024

  • 4.8

    MEDIUM
    CVE-2024-9878

    The Photo Gallery by 10Web – Mobile-Friendly Image Gallery plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 1.8.30 due to insufficient input sanitization and output escaping. This m... Read more

    Affected Products : photo_gallery
    • Published: Nov. 05, 2024
    • Modified: Nov. 08, 2024

  • 4.3

    MEDIUM
    CVE-2024-7429

    The Zotpress plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the Zotpress_process_accounts_AJAX function in all versions up to, and including, 7.3.12. This makes it possible for authenticated at... Read more

    Affected Products : zotpress
    • Published: Nov. 05, 2024
    • Modified: Nov. 08, 2024

  • 5.5

    MEDIUM
    CVE-2024-51528

    Vulnerability of improper log printing in the Super Home Screen module Impact: Successful exploitation of this vulnerability may affect service confidentiality.... Read more

    Affected Products : emui harmonyos
    • Published: Nov. 05, 2024
    • Modified: Nov. 07, 2024

  • 5.5

    MEDIUM
    CVE-2024-51527

    Permission control vulnerability in the Gallery app Impact: Successful exploitation of this vulnerability may affect service confidentiality.... Read more

    Affected Products : emui harmonyos
    • Published: Nov. 05, 2024
    • Modified: Nov. 07, 2024

  • 8.2

    HIGH
    CVE-2024-51526

    Permission control vulnerability in the hidebug module Impact: Successful exploitation of this vulnerability may affect service confidentiality.... Read more

    Affected Products : harmonyos
    • Published: Nov. 05, 2024
    • Modified: Nov. 07, 2024

  • 6.2

    MEDIUM
    CVE-2024-51525

    Permission control vulnerability in the clipboard module Impact: Successful exploitation of this vulnerability may affect service confidentiality.... Read more

    Affected Products : harmonyos
    • Published: Nov. 05, 2024
    • Modified: Nov. 07, 2024

  • 5.5

    MEDIUM
    CVE-2024-51524

    Permission control vulnerability in the Wi-Fi module Impact: Successful exploitation of this vulnerability may affect service confidentiality.... Read more

    Affected Products : harmonyos
    • Published: Nov. 05, 2024
    • Modified: Nov. 07, 2024

  • 7.5

    HIGH
    CVE-2024-51523

    Information management vulnerability in the Gallery module Impact: Successful exploitation of this vulnerability may affect service confidentiality.... Read more

    Affected Products : harmonyos
    • Published: Nov. 05, 2024
    • Modified: Nov. 07, 2024

  • 6.2

    MEDIUM
    CVE-2024-51522

    Vulnerability of improper device information processing in the device management module Impact: Successful exploitation of this vulnerability may affect availability.... Read more

    Affected Products : harmonyos
    • Published: Nov. 05, 2024
    • Modified: Nov. 07, 2024

  • 5.7

    MEDIUM
    CVE-2024-51521

    Input parameter verification vulnerability in the background service module Impact: Successful exploitation of this vulnerability may affect availability.... Read more

    Affected Products : harmonyos
    • Published: Nov. 05, 2024
    • Modified: Nov. 07, 2024

  • 5.5

    MEDIUM
    CVE-2024-51520

    Vulnerability of input parameters not being verified in the HDC module Impact: Successful exploitation of this vulnerability may affect availability.... Read more

    Affected Products : harmonyos
    • Published: Nov. 05, 2024
    • Modified: Nov. 07, 2024

  • 5.5

    MEDIUM
    CVE-2024-51519

    Vulnerability of input parameters not being verified in the HDC module Impact: Successful exploitation of this vulnerability may affect availability.... Read more

    Affected Products : harmonyos
    • Published: Nov. 05, 2024
    • Modified: Nov. 06, 2024
Showing 20 of 293649 Results