Latest CVE Feed

Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
  • 6.5

    CVSS31
    CVE-2024-37512

    Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Basix NEX-Forms – Ultimate Form Builder allows Stored XSS.This issue affects NEX-Forms – Ultimate Form Builder: from n/a through 8.5.10.... Read more

    Affected Products :
    • Published: Jul. 21, 2024
    • Modified: Jul. 21, 2024
  • 7.1

    CVSS31
    CVE-2024-37509

    Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Maksekeskus AS MakeCommerce for WooCommerce allows Reflected XSS.This issue affects MakeCommerce for WooCommerce: from n/a through 3.5.1.... Read more

    Affected Products :
    • Published: Jul. 21, 2024
    • Modified: Jul. 21, 2024
  • 6.5

    CVSS31
    CVE-2024-37507

    Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Themewinter Eventin allows Stored XSS.This issue affects Eventin: from n/a through 3.3.57.... Read more

    Affected Products :
    • Published: Jul. 21, 2024
    • Modified: Jul. 21, 2024
  • 6.5

    CVSS31
    CVE-2024-37500

    Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in The Beaver Builder Team Beaver Builder allows Stored XSS.This issue affects Beaver Builder: from n/a through 2.8.2.2.... Read more

    Affected Products :
    • Published: Jul. 21, 2024
    • Modified: Jul. 21, 2024
  • 6.5

    CVSS31
    CVE-2024-37495

    Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Mediavine Create by Mediavine allows Stored XSS.This issue affects Create by Mediavine: from n/a through 1.9.7.... Read more

    Affected Products : create
    • Published: Jul. 21, 2024
    • Modified: Jul. 21, 2024
  • 6.5

    CVSS31
    CVE-2024-37492

    Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Gutenberg Team Gutenberg allows Stored XSS.This issue affects Gutenberg: from n/a through 18.6.0.... Read more

    Affected Products :
    • Published: Jul. 21, 2024
    • Modified: Jul. 21, 2024
  • 6.5

    CVSS31
    CVE-2024-37489

    Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in OceanWP Ocean Extra allows Stored XSS.This issue affects Ocean Extra: from n/a through 2.2.9.... Read more

    Affected Products : ocean_extra
    • Published: Jul. 21, 2024
    • Modified: Jul. 21, 2024
  • 6.5

    CVSS31
    CVE-2024-37488

    Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in HelloAsso allows Stored XSS.This issue affects HelloAsso: from n/a through 1.1.9.... Read more

    Affected Products :
    • Published: Jul. 21, 2024
    • Modified: Jul. 21, 2024
  • 7.1

    CVSS31
    CVE-2024-37487

    Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in wpdirectorykit.Com WP Directory Kit allows Reflected XSS.This issue affects WP Directory Kit: from n/a through 1.3.5.... Read more

    Affected Products :
    • Published: Jul. 21, 2024
    • Modified: Jul. 21, 2024
  • 6.3

    CVSS31
    CVE-2024-6943

    A vulnerability has been found in ZhongBangKeJi CRMEB up to 5.4.0 and classified as critical. Affected by this vulnerability is the function downloadImage of the file app/services/product/product/CopyTaobaoServices.php. The manipulation leads to deseriali... Read more

    Affected Products :
    • Published: Jul. 21, 2024
    • Modified: Jul. 21, 2024
  • 3.5

    CVSS31
    CVE-2024-6942

    A vulnerability, which was classified as problematic, was found in ThinkSAAS 3.7.0. Affected is an unknown function of the file app/system/action/anti.php of the component Admin Panel Security Center. The manipulation of the argument ip/email/phone leads ... Read more

    Affected Products :
    • Published: Jul. 21, 2024
    • Modified: Jul. 21, 2024
  • 6.5

    CVSS31
    CVE-2024-38434

    Unitronics Vision PLC – CWE-676: Use of Potentially Dangerous Function may allow security feature bypass... Read more

    Affected Products :
    • Published: Jul. 21, 2024
    • Modified: Jul. 21, 2024
  • 7.1

    CVSS31
    CVE-2024-37559

    Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Echenley Counterpoint allows Reflected XSS.This issue affects Counterpoint: from n/a through 1.8.1.... Read more

    Affected Products :
    • Published: Jul. 21, 2024
    • Modified: Jul. 21, 2024
  • 5.9

    CVSS31
    CVE-2024-37558

    Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Nazmul Hossain Nihal WPFavicon allows Stored XSS.This issue affects WPFavicon: from n/a through 2.1.1.... Read more

    Affected Products :
    • Published: Jul. 21, 2024
    • Modified: Jul. 21, 2024
  • 5.9

    CVSS31
    CVE-2024-37557

    Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Soham Web Solution WP Cookie Law Info allows Stored XSS.This issue affects WP Cookie Law Info: from n/a through 1.1.... Read more

    Affected Products :
    • Published: Jul. 21, 2024
    • Modified: Jul. 21, 2024
  • 5.9

    CVSS31
    CVE-2024-37556

    Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in SeedProd WordPress Notification Bar allows Stored XSS.This issue affects WordPress Notification Bar: from n/a through 1.3.10.... Read more

    Affected Products :
    • Published: Jul. 21, 2024
    • Modified: Jul. 21, 2024
  • 5.9

    CVSS31
    CVE-2024-37552

    Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Inisev Social Media & Share Icons allows Stored XSS.This issue affects Social Media & Share Icons: from n/a through 2.9.1.... Read more

    Affected Products :
    • Published: Jul. 21, 2024
    • Modified: Jul. 21, 2024
  • 5.9

    CVSS31
    CVE-2024-37551

    Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Perials Simple Social Share allows Stored XSS.This issue affects Simple Social Share: from n/a through 3.0.... Read more

    Affected Products :
    • Published: Jul. 21, 2024
    • Modified: Jul. 21, 2024
  • 5.9

    CVSS31
    CVE-2024-37550

    Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Envato Template Kit – Export allows Stored XSS.This issue affects Template Kit – Export: from n/a through 1.0.22.... Read more

    Affected Products :
    • Published: Jul. 21, 2024
    • Modified: Jul. 21, 2024
  • 5.9

    CVSS31
    CVE-2024-37549

    Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Pdfcrowd Save as PDF plugin by Pdfcrowd allows Stored XSS.This issue affects Save as PDF plugin by Pdfcrowd: from n/a through 4.0.0.... Read more

    Affected Products : save_as_pdf_plugin
    • Published: Jul. 21, 2024
    • Modified: Jul. 21, 2024
Showing 20 of 170 Results