Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 7.6

    HIGH
    CVE-2024-47328

    Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in FunnelKit Automation By Autonami allows SQL Injection.This issue affects Automation By Autonami: from n/a through 3.1.2.... Read more

    Affected Products : funnelkit_automations
    • Published: Oct. 21, 2024
    • Modified: Oct. 24, 2024

  • 8.8

    HIGH
    CVE-2024-43945

    Cross-Site Request Forgery (CSRF) vulnerability in Latepoint LatePoint allows Cross Site Request Forgery.This issue affects LatePoint: from n/a through 4.9.91.... Read more

    Affected Products : latepoint
    • Published: Oct. 21, 2024
    • Modified: Oct. 24, 2024

  • 7.2

    HIGH
    CVE-2024-8625

    The TS Poll WordPress plugin before 2.4.0 does not sanitize and escape a parameter before using it in a SQL statement, allowing admins to perform SQL injection attacks... Read more

    Affected Products : ts_poll
    • Published: Oct. 21, 2024
    • Modified: Oct. 24, 2024

  • 8.8

    HIGH
    CVE-2024-10202

    Administrative Management System from Wellchoose has an OS Command Injection vulnerability, allowing remote attackers with regular privileges to inject and execute arbitrary OS commands.... Read more

    Affected Products : administrative_management_system
    • Published: Oct. 21, 2024
    • Modified: Oct. 24, 2024

  • 8.8

    HIGH
    CVE-2024-10201

    Administrative Management System from Wellchoose does not properly validate uploaded file types, allowing remote attackers with regular privileges to upload and execute webshells.... Read more

    Affected Products : administrative_management_system
    • Published: Oct. 21, 2024
    • Modified: Oct. 24, 2024

  • 7.5

    HIGH
    CVE-2024-10200

    Administrative Management System from Wellchoose has a Path Traversal vulnerability, allowing unauthenticated remote attackers to exploit this vulnerability to download arbitrary files on the server.... Read more

    Affected Products : administrative_management_system
    • Published: Oct. 21, 2024
    • Modified: Oct. 24, 2024

  • 9.8

    CRITICAL
    CVE-2024-43689

    Stack-based buffer overflow vulnerability exists in ELECOM wireless access points. By processing a specially crafted HTTP request, arbitrary code may be executed.... Read more

    • Published: Oct. 21, 2024
    • Modified: Sep. 04, 2025

  • 5.1

    MEDIUM
    CVE-2024-10199

    A vulnerability was found in code-projects Pharmacy Management System 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /manage_medicine.php of the component Manage Medicines Page. The manipulation of ... Read more

    • Published: Oct. 21, 2024
    • Modified: Oct. 22, 2024

  • 5.1

    MEDIUM
    CVE-2024-10198

    A vulnerability was found in code-projects Pharmacy Management System 1.0. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /manage_customer.php of the component Manage Customer Page. The manipula... Read more

    • Published: Oct. 21, 2024
    • Modified: Oct. 22, 2024

  • 5.1

    MEDIUM
    CVE-2024-10197

    A vulnerability was found in code-projects Pharmacy Management System 1.0. It has been classified as problematic. Affected is an unknown function of the file /manage_supplier.php of the component Manage Supplier Page. The manipulation of the argument addr... Read more

    Affected Products : pharmacy_management_system
    • Published: Oct. 21, 2024
    • Modified: Oct. 23, 2024

  • 9.8

    CRITICAL
    CVE-2024-10196

    A vulnerability was found in code-projects Pharmacy Management System 1.0 and classified as critical. This issue affects some unknown processing of the file /add_new_invoice.php. The manipulation of the argument text leads to sql injection. The attack may... Read more

    Affected Products : pharmacy_management_system
    • Published: Oct. 21, 2024
    • Modified: Oct. 23, 2024

  • 9.8

    CRITICAL
    CVE-2024-44000

    Insufficiently Protected Credentials vulnerability in LiteSpeed Technologies LiteSpeed Cache allows Authentication Bypass.This issue affects LiteSpeed Cache: from n/a before 6.5.0.1.... Read more

    Affected Products : litespeed_cache
    • Published: Oct. 20, 2024
    • Modified: Oct. 23, 2024

  • 8.8

    HIGH
    CVE-2024-49628

    Cross-Site Request Forgery (CSRF) vulnerability in WhileTrue Most And Least Read Posts Widget allows Cross Site Request Forgery.This issue affects Most And Least Read Posts Widget: from n/a through 2.5.18.... Read more

    Affected Products : most_and_least_read_posts_widget
    • Published: Oct. 20, 2024
    • Modified: Oct. 22, 2024

  • 8.8

    HIGH
    CVE-2024-49627

    Cross-Site Request Forgery (CSRF) vulnerability in Noor Alam WordPress Image SEO allows Cross Site Request Forgery.This issue affects WordPress Image SEO: from n/a through 1.1.4.... Read more

    Affected Products : wordpress_image_seo
    • Published: Oct. 20, 2024
    • Modified: Oct. 22, 2024

  • 8.8

    HIGH
    CVE-2024-49325

    Subscriber Broken Access Control in Photo Gallery Builder <= 3.0 versions.... Read more

    Affected Products : photo_gallery_builder
    • Published: Oct. 20, 2024
    • Modified: Oct. 22, 2024

  • 8.8

    HIGH
    CVE-2024-49306

    Cross-Site Request Forgery (CSRF) vulnerability in WP-buy WP Content Copy Protection & No Right Click allows Cross Site Request Forgery.This issue affects WP Content Copy Protection & No Right Click: from n/a through 3.5.9.... Read more

    • Published: Oct. 20, 2024
    • Modified: Oct. 22, 2024

  • 8.8

    HIGH
    CVE-2024-49290

    Cross-Site Request Forgery (CSRF) vulnerability in Gora Tech LLC Cooked Pro allows Cross Site Request Forgery.This issue affects Cooked Pro: from n/a before 1.8.0.... Read more

    Affected Products : cooked
    • Published: Oct. 20, 2024
    • Modified: Oct. 22, 2024

  • 8.8

    HIGH
    CVE-2024-49275

    Cross-Site Request Forgery (CSRF) vulnerability in Martin Gibson IdeaPush allows Cross Site Request Forgery.This issue affects IdeaPush: from n/a through 8.69.... Read more

    Affected Products : ideapush
    • Published: Oct. 20, 2024
    • Modified: Oct. 22, 2024

  • 8.8

    HIGH
    CVE-2024-49274

    Cross-Site Request Forgery (CSRF) vulnerability in Infomaniak Staff VOD Infomaniak allows Cross Site Request Forgery.This issue affects VOD Infomaniak: from n/a through 1.5.7.... Read more

    Affected Products : vod_infomaniak
    • Published: Oct. 20, 2024
    • Modified: Oct. 22, 2024

  • 8.8

    HIGH
    CVE-2024-49272

    Cross-Site Request Forgery (CSRF) vulnerability in WPWeb Social Auto Poster allows Cross Site Request Forgery.This issue affects Social Auto Poster: from n/a through 5.3.15.... Read more

    Affected Products : social_auto_poster
    • Published: Oct. 20, 2024
    • Modified: Oct. 22, 2024
Showing 20 of 294733 Results