Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.4

    MEDIUM
    CVE-2023-23726

    Cross-Site Request Forgery (CSRF) vulnerability in Tickera.com Tickera allows Cross Site Request Forgery.This issue affects Tickera: from n/a through 3.5.1.0.... Read more

    Affected Products : tickera
    • Published: Dec. 09, 2024
    • Modified: Dec. 09, 2024

  • 5.4

    MEDIUM
    CVE-2023-23886

    Missing Authorization vulnerability in mg12 WP-RecentComments allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP-RecentComments: from n/a through 2.2.7.... Read more

    Affected Products :
    • Published: Dec. 09, 2024
    • Modified: Dec. 09, 2024

  • 5.4

    MEDIUM
    CVE-2023-23986

    Missing Authorization vulnerability in Noah Hearle, Design Extreme Reviews and Rating – Google My Business allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Reviews and Rating – Google My Business: from n/a through... Read more

    Affected Products :
    • Published: Dec. 09, 2024
    • Modified: Dec. 09, 2024

  • 5.4

    MEDIUM
    CVE-2023-25791

    Missing Authorization vulnerability in Cadus Pro Fontiran allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Fontiran: from n/a through 2.1.... Read more

    Affected Products :
    • Published: Dec. 09, 2024
    • Modified: Dec. 09, 2024

  • 5.4

    MEDIUM
    CVE-2023-27428

    Missing Authorization vulnerability in Damir Calusic WP users media allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP users media: from n/a through 4.2.3.... Read more

    Affected Products :
    • Published: Dec. 09, 2024
    • Modified: Dec. 09, 2024

  • 5.4

    MEDIUM
    CVE-2023-27454

    Missing Authorization vulnerability in Apollo13Themes Rife Elementor Extensions & Templates allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Rife Elementor Extensions & Templates: from n/a through 1.1.10.... Read more

    • Published: Dec. 09, 2024
    • Modified: Dec. 09, 2024

  • 5.4

    MEDIUM
    CVE-2023-28417

    Missing Authorization vulnerability in AlexaCRM Dynamics 365 Integration allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Dynamics 365 Integration: from n/a through 1.3.12.... Read more

    Affected Products :
    • Published: Dec. 09, 2024
    • Modified: Dec. 09, 2024

  • 5.4

    MEDIUM
    CVE-2023-28688

    Cross-Site Request Forgery (CSRF) vulnerability in ThemeHunk TH Variation Swatches allows Cross Site Request Forgery.This issue affects TH Variation Swatches: from n/a through 1.2.7.... Read more

    Affected Products :
    • Published: Dec. 09, 2024
    • Modified: Dec. 09, 2024

  • 5.4

    MEDIUM
    CVE-2023-29239

    Missing Authorization vulnerability in LuckyWP LuckyWP Scripts Control allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects LuckyWP Scripts Control: from n/a through 1.2.1.... Read more

    Affected Products :
    • Published: Dec. 09, 2024
    • Modified: Dec. 09, 2024

  • 5.4

    MEDIUM
    CVE-2024-11025

    An authenticated attacker with low privileges may use a SQL Injection vulnerability in the affected products administration panel to gain read and write access to a specific log file of the device.... Read more

    Affected Products :
    • Published: Nov. 27, 2024
    • Modified: Nov. 27, 2024

  • 5.4

    MEDIUM
    CVE-2023-31214

    Missing Authorization vulnerability in Arul Prasad J WP Quick Post Duplicator allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Quick Post Duplicator: from n/a through 2.0.... Read more

    Affected Products :
    • Published: Dec. 09, 2024
    • Modified: Dec. 09, 2024

  • 5.4

    MEDIUM
    CVE-2023-32094

    Missing Authorization vulnerability in Felix Welberg Extended Post Status allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Extended Post Status: from n/a through 1.0.19.... Read more

    Affected Products :
    • Published: Dec. 09, 2024
    • Modified: Dec. 09, 2024

  • 5.4

    MEDIUM
    CVE-2023-47694

    Missing Authorization vulnerability in appsbd Mini Cart Drawer For WooCommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Mini Cart Drawer For WooCommerce: from n/a through 4.0.0.... Read more

    Affected Products :
    • Published: Dec. 09, 2024
    • Modified: Dec. 09, 2024

  • 5.4

    MEDIUM
    CVE-2023-47869

    Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in gVectors Team wpForo Forum allows Code Injection.This issue affects wpForo Forum: from n/a through 2.2.5.... Read more

    Affected Products : wpforo_forum
    • Published: Dec. 09, 2024
    • Modified: Feb. 06, 2025

  • 5.4

    MEDIUM
    CVE-2023-48287

    Missing Authorization vulnerability in Matat Technologies TextMe SMS allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects TextMe SMS: from n/a through 1.9.0.... Read more

    Affected Products :
    • Published: Dec. 09, 2024
    • Modified: Dec. 09, 2024

  • 5.4

    MEDIUM
    CVE-2023-48774

    Missing Authorization vulnerability in Martin Gibson IdeaPush allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects IdeaPush: from n/a through n/a.... Read more

    Affected Products : ideapush
    • Published: Dec. 09, 2024
    • Modified: Jun. 09, 2025

  • 5.4

    MEDIUM
    CVE-2023-48776

    Missing Authorization vulnerability in Thomas Scholl canvasio3D Light allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects canvasio3D Light: from n/a through 2.5.0.... Read more

    Affected Products : canvasio3d_light
    • Published: Dec. 09, 2024
    • Modified: Dec. 09, 2024

  • 5.4

    MEDIUM
    CVE-2023-49755

    Missing Authorization vulnerability in B.M. Rafiul Alam Elementor Timeline Widget allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Elementor Timeline Widget: from n/a through 2.2.... Read more

    Affected Products :
    • Published: Dec. 09, 2024
    • Modified: Dec. 09, 2024

  • 5.4

    MEDIUM
    CVE-2023-50899

    Missing Authorization vulnerability in MultiVendorX Product Catalog Enquiry for WooCommerce by MultiVendorX allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Product Catalog Enquiry for WooCommerce by MultiVendorX:... Read more

    • Published: Dec. 09, 2024
    • Modified: Dec. 09, 2024

  • 5.4

    MEDIUM
    CVE-2024-53798

    Missing Authorization vulnerability in BAKKBONE Australia FloristPress.This issue affects FloristPress: from n/a through 7.3.0.... Read more

    Affected Products :
    • Published: Dec. 09, 2024
    • Modified: Dec. 09, 2024
Showing 20 of 291312 Results