Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.5

    MEDIUM
    CVE-2024-42508

    This vulnerability could be exploited, leading to unauthorized disclosure of information to authenticated users.... Read more

    Affected Products : oneview
    • Published: Oct. 18, 2024
    • Modified: Mar. 17, 2025

  • 9.8

    CRITICAL
    CVE-2024-9537

    ScienceLogic SL1 (formerly EM7) is affected by an unspecified vulnerability involving an unspecified third-party component packaged with SL1. The vulnerability is addressed in SL1 versions 12.1.3+, 12.2.3+, and 12.3+. Remediations have been made availabl... Read more

    Affected Products : sl1
    • Actively Exploited
    • Published: Oct. 18, 2024
    • Modified: Oct. 22, 2024

  • 6.3

    MEDIUM
    CVE-2024-47240

    Dell Secure Connect Gateway (SCG) 5.24 contains an Incorrect Default Permissions vulnerability. A local attacker with low privileges can access the file system and could potentially exploit this vulnerability to gain write access to unauthorized data and ... Read more

    Affected Products : secure_connect_gateway
    • Published: Oct. 18, 2024
    • Modified: Oct. 22, 2024

  • 6.4

    MEDIUM
    CVE-2024-9674

    The Debrandify · Remove or Replace WordPress Branding plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 1.1.2 due to insufficient input sanitization and output escaping. This makes... Read more

    Affected Products : debrandify
    • Published: Oct. 18, 2024
    • Modified: Oct. 22, 2024

  • 5.9

    MEDIUM
    CVE-2024-43300

    Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Bert Kößler Movie Database allows Stored XSS.This issue affects Movie Database: from n/a through 1.0.11.... Read more

    Affected Products : movie_database
    • Published: Oct. 18, 2024
    • Modified: Oct. 22, 2024

  • 6.4

    MEDIUM
    CVE-2024-9425

    The Advanced Category and Custom Taxonomy Image plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's ad_tax_image shortcode in all versions up to, and including, 1.0.9 due to insufficient input sanitization and output escapin... Read more

    • Published: Oct. 18, 2024
    • Modified: Oct. 22, 2024

  • 8.8

    HIGH
    CVE-2024-49243

    Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Jon Vincent Mendoza Dynamic Elementor Addons allows PHP Local File Inclusion.This issue affects Dynamic Elementor Addons: from n/a thr... Read more

    Affected Products : dynamic_elementor_addons
    • Published: Oct. 18, 2024
    • Modified: Oct. 22, 2024

  • 6.5

    MEDIUM
    CVE-2024-49241

    Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Tady Walsh Tito allows DOM-Based XSS.This issue affects Tito: from n/a through 2.3.... Read more

    Affected Products : tito
    • Published: Oct. 18, 2024
    • Modified: Oct. 21, 2024

  • 7.1

    HIGH
    CVE-2024-49240

    Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Agustin Berasategui AB Categories Search Widget allows Reflected XSS.This issue affects AB Categories Search Widget: from n/a through 0.2.5.... Read more

    Affected Products : ab_categories_search_widget
    • Published: Oct. 18, 2024
    • Modified: Oct. 21, 2024

  • 7.1

    HIGH
    CVE-2024-49239

    Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Nikhil Vaghela Add Categories Post Footer allows Reflected XSS.This issue affects Add Categories Post Footer: from n/a through 2.2.2.... Read more

    Affected Products : add_categories_post_footer
    • Published: Oct. 18, 2024
    • Modified: Oct. 21, 2024

  • 7.1

    HIGH
    CVE-2024-49238

    Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in M. Konieczny, DH9SB ADIF Log Search Widget allows Reflected XSS.This issue affects ADIF Log Search Widget: from n/a through 1.0f.... Read more

    Affected Products : adif_log_search_widget
    • Published: Oct. 18, 2024
    • Modified: Oct. 21, 2024

  • 6.5

    MEDIUM
    CVE-2024-49236

    Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Hafiz Uddin Ahmed Crazy Call To Action Box allows Stored XSS.This issue affects Crazy Call To Action Box: from n/a through 1.0.5.... Read more

    Affected Products : crazy_call_to_action_box
    • Published: Oct. 18, 2024
    • Modified: Oct. 21, 2024

  • 6.5

    MEDIUM
    CVE-2024-49234

    Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in themeworm Plexx Elementor Extension allows Stored XSS.This issue affects Plexx Elementor Extension: from n/a through 1.3.4.... Read more

    Affected Products : plexx_elementor_extension
    • Published: Oct. 18, 2024
    • Modified: Oct. 21, 2024

  • 6.5

    MEDIUM
    CVE-2024-49233

    Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in MadrasThemes MAS Elementor allows DOM-Based XSS.This issue affects MAS Elementor: from n/a through 1.1.6.... Read more

    Affected Products : mas_elementor
    • Published: Oct. 18, 2024
    • Modified: Oct. 21, 2024

  • 6.5

    MEDIUM
    CVE-2024-49232

    Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Javier Loureiro El mejor Cluster allows DOM-Based XSS.This issue affects El mejor Cluster: from n/a through 1.1.15.... Read more

    Affected Products : el_mejor_cluster
    • Published: Oct. 18, 2024
    • Modified: Dec. 05, 2024

  • 6.5

    MEDIUM
    CVE-2024-49231

    Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Peter CyClop WordPress Video allows Stored XSS.This issue affects WordPress Video: from n/a through 1.0.... Read more

    Affected Products : wordpress_video
    • Published: Oct. 18, 2024
    • Modified: Oct. 21, 2024

  • 6.5

    MEDIUM
    CVE-2024-49230

    Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Harpreet Singh Ajax Custom CSS/JS allows Reflected XSS.This issue affects Ajax Custom CSS/JS: from n/a through 2.0.4.... Read more

    Affected Products : ajax_custom_css\/js
    • Published: Oct. 18, 2024
    • Modified: Oct. 21, 2024

  • 6.5

    MEDIUM
    CVE-2024-49228

    Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in CrossedCode bVerse Convert allows Stored XSS.This issue affects bVerse Convert: from n/a through 1.3.7.1.... Read more

    Affected Products : bverse_convert
    • Published: Oct. 18, 2024
    • Modified: Oct. 21, 2024

  • 6.5

    MEDIUM
    CVE-2024-49225

    Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Swebdeveloper wpPricing Builder allows Stored XSS.This issue affects wpPricing Builder: from n/a through 1.5.0.... Read more

    Affected Products : wppricing_builder
    • Published: Oct. 18, 2024
    • Modified: Oct. 21, 2024

  • 7.1

    HIGH
    CVE-2024-49224

    Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Mahesh Patel Mitm Bug Tracker allows Reflected XSS.This issue affects Mitm Bug Tracker: from n/a through 1.0.... Read more

    Affected Products : mitm_bug_tracker
    • Published: Oct. 18, 2024
    • Modified: Oct. 21, 2024
Showing 20 of 294793 Results