Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.9

    MEDIUM
    CVE-2024-47345

    Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Brainstorm Force Starter Templates allows Stored XSS.This issue affects Starter Templates: from n/a through 4.4.0.... Read more

    Affected Products : starter_templates
    • Published: Oct. 06, 2024
    • Modified: Oct. 07, 2024

  • 6.5

    MEDIUM
    CVE-2024-47340

    Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in PickPlugins Post Grid and Gutenberg Blocks allows Stored XSS.This issue affects Post Grid and Gutenberg Blocks: from n/a through 2.2.89.... Read more

    Affected Products : post_grid
    • Published: Oct. 06, 2024
    • Modified: Oct. 07, 2024

  • 7.1

    HIGH
    CVE-2024-47352

    Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Xylus Themes WP Bulk Delete allows Reflected XSS.This issue affects WP Bulk Delete: from n/a through 1.3.1.... Read more

    Affected Products :
    • Published: Oct. 06, 2024
    • Modified: Oct. 07, 2024

  • 6.5

    MEDIUM
    CVE-2024-47368

    Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Leap13 Premium Blocks – Gutenberg Blocks for WordPress allows Stored XSS.This issue affects Premium Blocks – Gutenberg Blocks for WordPress: from ... Read more

    Affected Products : premium_blocks_for_gutenburg
    • Published: Oct. 06, 2024
    • Modified: Oct. 07, 2024

  • 7.1

    HIGH
    CVE-2024-47395

    Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Robokassa Robokassa payment gateway for Woocommerce allows Reflected XSS.This issue affects Robokassa payment gateway for Woocommerce: from n/a th... Read more

    Affected Products :
    • Published: Oct. 05, 2024
    • Modified: Oct. 07, 2024

  • 5.9

    MEDIUM
    CVE-2024-47623

    Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in GhozyLab, Inc. Gallery Lightbox allows Stored XSS.This issue affects Gallery Lightbox: from n/a through 1.0.0.39.... Read more

    Affected Products :
    • Published: Oct. 05, 2024
    • Modified: Oct. 07, 2024

  • 4.7

    MEDIUM
    CVE-2024-47646

    URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Payflex Payflex Payment Gateway.This issue affects Payflex Payment Gateway: from n/a through 2.6.1.... Read more

    Affected Products :
    • Published: Oct. 05, 2024
    • Modified: Oct. 07, 2024

  • 6.5

    MEDIUM
    CVE-2024-47642

    Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Keap Keap Official Opt-in Forms allows Stored XSS.This issue affects Keap Official Opt-in Forms: from n/a through 2.0.1.... Read more

    Affected Products : official_opt-in_forms
    • Published: Oct. 05, 2024
    • Modified: Oct. 07, 2024

  • 7.1

    HIGH
    CVE-2024-47297

    Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in CodePeople CP Polls allows Reflected XSS.This issue affects CP Polls: from n/a through 1.0.74.... Read more

    Affected Products : polls_cp
    • Published: Oct. 06, 2024
    • Modified: Oct. 07, 2024

  • 6.5

    MEDIUM
    CVE-2024-47342

    Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in PickPlugins Accordion accordions allows Stored XSS.This issue affects Accordion: from n/a through 2.2.99.... Read more

    Affected Products : accordion
    • Published: Oct. 06, 2024
    • Modified: Oct. 07, 2024

  • 7.6

    HIGH
    CVE-2024-47338

    Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in WPExpertsio WPExperts Square For GiveWP allows SQL Injection.This issue affects WPExperts Square For GiveWP: from n/a through 1.3.... Read more

    Affected Products : givewp_square
    • Published: Oct. 06, 2024
    • Modified: Oct. 07, 2024

  • 6.1

    MEDIUM
    CVE-2024-45247

    Sonarr – CWE-601: URL Redirection to Untrusted Site ('Open Redirect')... Read more

    Affected Products :
    • Published: Oct. 06, 2024
    • Modified: Oct. 07, 2024

  • 6.5

    MEDIUM
    CVE-2024-47365

    Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Atakan Au Automatically Hierarchic Categories in Menu allows Stored XSS.This issue affects Automatically Hierarchic Categories in Menu: from n/a t... Read more

    Affected Products :
    • Published: Oct. 06, 2024
    • Modified: Oct. 07, 2024

  • 7.1

    HIGH
    CVE-2024-47333

    Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Team Tangible Loops & Logic allows Reflected XSS.This issue affects Loops & Logic: from n/a through 4.1.4.... Read more

    Affected Products :
    • Published: Oct. 06, 2024
    • Modified: Oct. 07, 2024

  • 6.5

    MEDIUM
    CVE-2024-47393

    Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Quillforms Quill Forms allows Stored XSS.This issue affects Quill Forms: from n/a through 3.7.0.... Read more

    Affected Products :
    • Published: Oct. 05, 2024
    • Modified: Oct. 07, 2024

  • 7.1

    HIGH
    CVE-2024-47300

    Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in CubeWP CubeWP Forms – All-in-One Form Builder allows Stored XSS.This issue affects CubeWP Forms – All-in-One Form Builder: from n/a through 1.1.1.... Read more

    Affected Products :
    • Published: Oct. 06, 2024
    • Modified: Oct. 07, 2024

  • 7.1

    HIGH
    CVE-2024-47301

    Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Bit Form Bit Form – Contact Form Plugin allows Stored XSS.This issue affects Bit Form – Contact Form Plugin: from n/a through 2.13.10.... Read more

    Affected Products :
    • Published: Oct. 06, 2024
    • Modified: Oct. 07, 2024

  • 6.5

    MEDIUM
    CVE-2024-47375

    Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Ashraf XLTab – Accordions and Tabs for Elementor Page Builder allows Stored XSS.This issue affects XLTab – Accordions and Tabs for Elementor Page ... Read more

    Affected Products :
    • Published: Oct. 05, 2024
    • Modified: Oct. 07, 2024

  • 6.5

    MEDIUM
    CVE-2024-47307

    Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Essential Plugin Meta slider and carousel with lightbox allows Stored XSS.This issue affects Meta slider and carousel with lightbox: from n/a thro... Read more

    Affected Products :
    • Published: Oct. 06, 2024
    • Modified: Oct. 07, 2024

  • 6.5

    MEDIUM
    CVE-2024-47343

    Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Kraftplugins Mega Elements allows Stored XSS.This issue affects Mega Elements: from n/a through 1.2.4.... Read more

    Affected Products : mega_elements
    • Published: Oct. 06, 2024
    • Modified: Oct. 07, 2024
Showing 20 of 294299 Results