Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 6.5

    MEDIUM
    CVE-2024-51854

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Hola Networks Hola Free Video Player allows DOM-Based XSS.This issue affects Hola Free Video Player: from n/a through 1.3.9.... Read more

    Affected Products :
    • Published: Nov. 19, 2024
    • Modified: Nov. 19, 2024

  • 6.5

    MEDIUM
    CVE-2024-51894

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Reyzua Topbar ID for Elementor allows DOM-Based XSS.This issue affects Topbar ID for Elementor: from n/a through 1.0.1.... Read more

    Affected Products :
    • Published: Nov. 19, 2024
    • Modified: Nov. 19, 2024

  • 6.5

    MEDIUM
    CVE-2024-51875

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Nazmul Ahsan MDC YouTube Downloader allows DOM-Based XSS.This issue affects MDC YouTube Downloader: from n/a through 3.0.0.... Read more

    Affected Products :
    • Published: Nov. 19, 2024
    • Modified: Nov. 19, 2024

  • 6.5

    MEDIUM
    CVE-2024-51858

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Umar Social Locker allows Stored XSS.This issue affects Social Locker: from n/a through 1.1.... Read more

    Affected Products :
    • Published: Nov. 19, 2024
    • Modified: Nov. 19, 2024

  • 6.5

    MEDIUM
    CVE-2024-51856

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WP Moose Moose Elementor Kit allows DOM-Based XSS.This issue affects Moose Elementor Kit: from n/a through 1.0.0.... Read more

    Affected Products :
    • Published: Nov. 19, 2024
    • Modified: Nov. 19, 2024

  • 6.5

    MEDIUM
    CVE-2024-51857

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Olympus Themes Olympus Shortcodes allows DOM-Based XSS.This issue affects Olympus Shortcodes: from n/a through 1.0.4.... Read more

    Affected Products :
    • Published: Nov. 19, 2024
    • Modified: Nov. 19, 2024

  • 6.5

    MEDIUM
    CVE-2024-51863

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Team Profit-Funnels PF Timer allows Stored XSS.This issue affects PF Timer: from n/a through 1.0.0.... Read more

    Affected Products :
    • Published: Nov. 19, 2024
    • Modified: Nov. 19, 2024

  • 6.5

    MEDIUM
    CVE-2024-51878

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Joey Straile AchillesTheme-shortcodes allows DOM-Based XSS.This issue affects AchillesTheme-shortcodes: from n/a through 0.1.... Read more

    Affected Products :
    • Published: Nov. 19, 2024
    • Modified: Nov. 19, 2024

  • 6.5

    MEDIUM
    CVE-2024-51847

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in giovanebribeiro WP PagSeguro Payments allows Stored XSS.This issue affects WP PagSeguro Payments: from n/a through 1.0.... Read more

    Affected Products :
    • Published: Nov. 19, 2024
    • Modified: Nov. 19, 2024

  • 4.3

    MEDIUM
    CVE-2024-52420

    Cross-Site Request Forgery (CSRF) vulnerability in Creative Motion Disable Admin Notices individually allows Cross Site Request Forgery.This issue affects Disable Admin Notices individually: from n/a through 1.3.5.... Read more

    Affected Products :
    • Published: Nov. 19, 2024
    • Modified: Nov. 19, 2024

  • 6.5

    MEDIUM
    CVE-2024-51879

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Arash Heidari Text Advertisements allows Stored XSS.This issue affects Text Advertisements: from n/a through 2.1.... Read more

    Affected Products :
    • Published: Nov. 19, 2024
    • Modified: Nov. 19, 2024

  • 6.5

    MEDIUM
    CVE-2024-51886

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Takashi Matsuyama Posts Filter allows Stored XSS.This issue affects Posts Filter: from n/a through 1.3.1.... Read more

    Affected Products :
    • Published: Nov. 19, 2024
    • Modified: Nov. 19, 2024

  • 6.5

    MEDIUM
    CVE-2024-51872

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Luzuk Luzuk Testimonials allows Stored XSS.This issue affects Luzuk Testimonials: from n/a through 0.0.1.... Read more

    Affected Products :
    • Published: Nov. 19, 2024
    • Modified: Nov. 19, 2024

  • 5.3

    MEDIUM
    CVE-2024-52600

    Statmatic is a Laravel and Git powered content management system (CMS). Prior to version 5.17.0, assets uploaded with appropriately crafted filenames may result in them being placed in a location different than what was configured. The issue affects front... Read more

    Affected Products : statamic
    • Published: Nov. 19, 2024
    • Modified: Nov. 19, 2024

  • 6.5

    MEDIUM
    CVE-2024-51860

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in DuoGeek Custom Dashboard Widget allows Stored XSS.This issue affects Custom Dashboard Widget: from n/a through 1.0.0.... Read more

    Affected Products :
    • Published: Nov. 19, 2024
    • Modified: Nov. 19, 2024

  • 6.5

    MEDIUM
    CVE-2024-51937

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Information Analytics IA Map Analytics Basic allows DOM-Based XSS.This issue affects IA Map Analytics Basic: from n/a through 20170413.... Read more

    Affected Products :
    • Published: Nov. 19, 2024
    • Modified: Nov. 19, 2024

  • 6.5

    MEDIUM
    CVE-2024-51921

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in midori scrollup allows DOM-Based XSS.This issue affects scrollup: from n/a through 1.1.... Read more

    Affected Products :
    • Published: Nov. 19, 2024
    • Modified: Nov. 19, 2024

  • 6.5

    MEDIUM
    CVE-2024-51903

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in imFORZA WP Listings Pro allows Stored XSS.This issue affects WP Listings Pro: from n/a through 3.0.14.... Read more

    Affected Products :
    • Published: Nov. 19, 2024
    • Modified: Nov. 19, 2024

  • 6.5

    MEDIUM
    CVE-2024-51913

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Mapme Mapme allows Stored XSS.This issue affects Mapme: from n/a through 1.3.2.... Read more

    Affected Products :
    • Published: Nov. 19, 2024
    • Modified: Nov. 19, 2024

  • 6.5

    MEDIUM
    CVE-2024-51838

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Jon Smajda Pull This allows DOM-Based XSS.This issue affects Pull This: from n/a through 1.1.... Read more

    Affected Products :
    • Published: Nov. 19, 2024
    • Modified: Nov. 19, 2024
Showing 20 of 294528 Results