Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 6.5

    MEDIUM
    CVE-2024-50467

    Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WebXApp Scrollbar by webxapp – Best vertical/horizontal scrollbars plugin allows Stored XSS.This issue affects Scrollbar by webxapp – Best vertica... Read more

    Affected Products :
    • Published: Oct. 28, 2024
    • Modified: Oct. 29, 2024

  • 6.5

    MEDIUM
    CVE-2024-50464

    Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Pierre Lebedel Kodex Posts likes allows Stored XSS.This issue affects Kodex Posts likes: from n/a through 2.5.0.... Read more

    Affected Products :
    • Published: Oct. 28, 2024
    • Modified: Oct. 29, 2024

  • 6.5

    MEDIUM
    CVE-2024-50462

    Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Fla-shop Interactive World Map allows Stored XSS.This issue affects Interactive World Map: from n/a through 3.4.4.... Read more

    Affected Products :
    • Published: Oct. 28, 2024
    • Modified: Oct. 29, 2024

  • 6.5

    MEDIUM
    CVE-2024-50461

    Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WPDeveloper EmbedPress allows Stored XSS.This issue affects EmbedPress: from n/a through 4.0.14.... Read more

    Affected Products : embedpress
    • Published: Oct. 28, 2024
    • Modified: Nov. 13, 2024

  • 5.9

    MEDIUM
    CVE-2024-50460

    Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in FirelightWP Firelight Lightbox allows Stored XSS.This issue affects Firelight Lightbox: from n/a through 2.3.3.... Read more

    Affected Products : firelight_lightbox
    • Published: Oct. 28, 2024
    • Modified: Nov. 13, 2024

  • 6.5

    MEDIUM
    CVE-2024-50458

    Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WP Codeus Advanced Sermons allows Stored XSS.This issue affects Advanced Sermons: from n/a through 3.4.... Read more

    Affected Products : advanced_sermons
    • Published: Oct. 28, 2024
    • Modified: Nov. 13, 2024

  • 6.5

    MEDIUM
    CVE-2024-50451

    Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in realmag777 WordPress Meta Data and Taxonomies Filter (MDTF) allows Stored XSS.This issue affects WordPress Meta Data and Taxonomies Filter (MDTF):... Read more

    Affected Products : meta_data_and_taxonomies_filter
    • Published: Oct. 28, 2024
    • Modified: Nov. 13, 2024

  • 6.5

    MEDIUM
    CVE-2024-50449

    Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in RedefiningTheWeb PDF Generator Addon for Elementor Page Builder allows Stored XSS.This issue affects PDF Generator Addon for Elementor Page Builde... Read more

    • Published: Oct. 28, 2024
    • Modified: Nov. 08, 2024

  • 7.1

    HIGH
    CVE-2024-50448

    Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in YITH YITH WooCommerce Product Add-Ons allows Reflected XSS.This issue affects YITH WooCommerce Product Add-Ons: from n/a through 4.14.1.... Read more

    Affected Products : yith_woocommerce_product_add-ons
    • Published: Oct. 28, 2024
    • Modified: Nov. 08, 2024

  • 6.5

    MEDIUM
    CVE-2024-50447

    Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in EnvoThemes Envo's Elementor Templates & Widgets for WooCommerce allows Stored XSS.This issue affects Envo's Elementor Templates & Widgets for WooC... Read more

    • Published: Oct. 28, 2024
    • Modified: Nov. 08, 2024

  • 6.5

    MEDIUM
    CVE-2024-50446

    Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in FuturioWP Futurio Extra allows Stored XSS.This issue affects Futurio Extra: from n/a through 2.0.11.... Read more

    Affected Products : futurio_extra
    • Published: Oct. 28, 2024
    • Modified: Nov. 08, 2024

  • 6.5

    MEDIUM
    CVE-2024-50445

    Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Merkulove Selection Lite allows Stored XSS.This issue affects Selection Lite: from n/a through 1.13.... Read more

    Affected Products : selection_lite
    • Published: Oct. 28, 2024
    • Modified: Nov. 08, 2024

  • 7.4

    HIGH
    CVE-2024-50441

    Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in CozyThemes Cozy Blocks allows Stored XSS.This issue affects Cozy Blocks: from n/a through 2.0.15.... Read more

    Affected Products : cozy_blocks
    • Published: Oct. 28, 2024
    • Modified: Nov. 08, 2024

  • 6.5

    MEDIUM
    CVE-2024-50440

    Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Chris Coyier CodePen Embedded Pens Shortcode allows Stored XSS.This issue affects CodePen Embedded Pens Shortcode: from n/a through 1.0.2.... Read more

    Affected Products : codepen
    • Published: Oct. 28, 2024
    • Modified: Nov. 08, 2024

  • 6.5

    MEDIUM
    CVE-2024-50439

    Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Brainstorm Force Astra Widgets allows Stored XSS.This issue affects Astra Widgets: from n/a through 1.2.14.... Read more

    Affected Products : astra_widgets
    • Published: Oct. 28, 2024
    • Modified: Nov. 08, 2024

  • 7.1

    HIGH
    CVE-2024-50438

    Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Andy Moyle Church Admin allows Reflected XSS.This issue affects Church Admin: from n/a before 5.0.0.... Read more

    Affected Products : church_admin
    • Published: Oct. 28, 2024
    • Modified: Nov. 08, 2024

  • 7.4

    HIGH
    CVE-2024-6245

    Use of Default Credentials vulnerability in Maruti Suzuki SmartPlay on Linux (Infotainment Hub modules) allows attacker to try common or default usernames and passwords.The issue was detected on a 2022 Maruti Suzuki Brezza in India Market. This issue aff... Read more

    Affected Products :
    • Published: Oct. 28, 2024
    • Modified: Nov. 07, 2024

  • 5.3

    MEDIUM
    CVE-2024-49771

    MPXJ is an open source library to read and write project plans from a variety of file formats and databases. The patch for the historical vulnerability CVE-2020-35460 in MPXJ is incomplete as there is still a possibility that a malicious path could be con... Read more

    Affected Products :
    • Published: Oct. 28, 2024
    • Modified: Oct. 29, 2024

  • 5.7

    MEDIUM
    CVE-2024-47827

    Argo Workflows is an open source container-native workflow engine for orchestrating parallel jobs on Kubernetes. Due to a race condition in a global variable in 3.6.0-rc1, the argo workflows controller can be made to crash on-command by any user with acce... Read more

    Affected Products : argo_workflows
    • Published: Oct. 28, 2024
    • Modified: Nov. 05, 2024

  • 8.8

    HIGH
    CVE-2024-42028

    A Local privilege escalation vulnerability found in a Self-Hosted UniFi Network Server with UniFi Network Application (Version 8.4.62 and earlier) allows a malicious actor with a local operational system user to execute high privilege actions on UniFi Net... Read more

    Affected Products : unifi_network_application
    • Published: Oct. 28, 2024
    • Modified: Oct. 29, 2024
Showing 20 of 293696 Results