Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 5.4

    MEDIUM
    CVE-2023-48324

    Missing Authorization vulnerability in Awesome Support Team Awesome Support allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Awesome Support: from n/a through 6.1.4.... Read more

    Affected Products : awesome_support
    • Published: Dec. 09, 2024
    • Modified: May. 29, 2025

  • 5.4

    MEDIUM
    CVE-2023-49757

    Missing Authorization vulnerability in Awesome Support Team Awesome Support allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Awesome Support: from n/a through 6.1.10.... Read more

    Affected Products : awesome_support
    • Published: Dec. 09, 2024
    • Modified: May. 29, 2025

  • 6.5

    MEDIUM
    CVE-2023-49857

    Missing Authorization vulnerability in Awesome Support Team Awesome Support allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Awesome Support: from n/a through 6.1.7.... Read more

    Affected Products : awesome_support
    • Published: Dec. 09, 2024
    • Modified: May. 29, 2025

  • 8.8

    HIGH
    CVE-2023-51356

    Improper Privilege Management vulnerability in Repute Infosystems ARMember allows Privilege Escalation.This issue affects ARMember: from n/a through 4.0.10.... Read more

    Affected Products : armember
    • Published: May. 17, 2024
    • Modified: May. 29, 2025

  • 8.8

    HIGH
    CVE-2023-47837

    Improper Privilege Management vulnerability in Repute Infosystems ARMember allows Privilege Escalation.This issue affects ARMember: from n/a through 4.0.10.... Read more

    Affected Products : armember
    • Published: Jun. 04, 2024
    • Modified: May. 29, 2025

  • 8.8

    HIGH
    CVE-2023-45760

    Missing Authorization vulnerability in gVectors Team wpDiscuz allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects wpDiscuz: from n/a through 7.6.3.... Read more

    Affected Products : wpdiscuz
    • Published: Jan. 02, 2025
    • Modified: May. 29, 2025
    • Vuln Type: Authorization

  • 8.8

    HIGH
    CVE-2024-30222

    Deserialization of Untrusted Data vulnerability in Repute Infosystems ARMember.This issue affects ARMember: from n/a through 4.0.26. ... Read more

    Affected Products : armember
    • Published: Mar. 28, 2024
    • Modified: May. 29, 2025

  • 9.8

    CRITICAL
    CVE-2024-30223

    Deserialization of Untrusted Data vulnerability in Repute Infosystems ARMember.This issue affects ARMember: from n/a through 4.0.26. ... Read more

    Affected Products : armember
    • Published: Mar. 28, 2024
    • Modified: May. 29, 2025

  • 6.1

    MEDIUM
    CVE-2024-35283

    A vulnerability in the Ignite component of Mitel MiContact Center Business through 10.0.0.4 could allow an unauthenticated attacker to conduct a stored cross-site scripting (XSS) attack due to insufficient input validation.... Read more

    Affected Products : micontact_center_business
    • Published: May. 29, 2024
    • Modified: May. 29, 2025

  • 5.4

    MEDIUM
    CVE-2024-35284

    A vulnerability in the legacy chat component of Mitel MiContact Center Business through 10.0.0.4 could allow an unauthenticated attacker to conduct a reflected cross-site scripting (XSS) attack due to insufficient input validation.... Read more

    Affected Products : micontact_center_business
    • Published: May. 29, 2024
    • Modified: May. 29, 2025

  • 9.8

    CRITICAL
    CVE-2024-36042

    Silverpeas before 6.3.5 allows authentication bypass by omitting the Password field to AuthenticationServlet, often providing an unauthenticated user with superadmin access.... Read more

    Affected Products : silverpeas
    • Published: Jun. 03, 2024
    • Modified: May. 29, 2025

  • 9.1

    CRITICAL
    CVE-2024-4180

    The Events Calendar WordPress plugin before 6.4.0.1 does not properly sanitize user-submitted content when rendering some views via AJAX.... Read more

    • Published: Jun. 04, 2024
    • Modified: May. 29, 2025

  • 4.3

    MEDIUM
    CVE-2024-4274

    The Essential Real Estate plugin for WordPress is vulnerable to unauthorized loss of data due to insufficient validation on the remove_property_attachment_ajax() function in all versions up to, and including, 4.4.2. This makes it possible for authenticate... Read more

    Affected Products : essential_real_estate
    • Published: Jun. 04, 2024
    • Modified: May. 29, 2025

  • 6.1

    MEDIUM
    CVE-2023-46310

    Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in gVectors Team wpDiscuz allows Code Injection.This issue affects wpDiscuz: from n/a through 7.6.10.... Read more

    Affected Products : wpdiscuz
    • Published: Jun. 04, 2024
    • Modified: May. 29, 2025

  • 6.4

    MEDIUM
    CVE-2024-4273

    The Essential Real Estate plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'ere_property_map' shortcode in all versions up to, and including, 4.4.2 due to insufficient input sanitization and output escaping on user suppli... Read more

    Affected Products : essential_real_estate
    • Published: Jun. 04, 2024
    • Modified: May. 29, 2025

  • 8.2

    HIGH
    CVE-2023-51667

    Authentication Bypass by Spoofing vulnerability in FeedbackWP Rate my Post – WP Rating System allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Rate my Post – WP Rating System: from n/a through 3.4.2.... Read more

    Affected Products : rate_my_post
    • Published: Jun. 04, 2024
    • Modified: May. 29, 2025

  • 5.3

    MEDIUM
    CVE-2024-32715

    Missing Authorization vulnerability in Olive Themes Olive One Click Demo Import.This issue affects Olive One Click Demo Import: from n/a through 1.1.1.... Read more

    Affected Products : olive_one_click_demo_import
    • Published: Jun. 09, 2024
    • Modified: May. 29, 2025

  • 7.8

    HIGH
    CVE-2024-36302

    An origin validation vulnerability in the Trend Micro Apex One security agent could allow a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the ta... Read more

    Affected Products : apex_one
    • Published: Jun. 10, 2024
    • Modified: May. 29, 2025

  • 7.3

    HIGH
    CVE-2023-46309

    Missing Authorization vulnerability in gVectors Team wpDiscuz allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects wpDiscuz: from n/a through 7.6.10.... Read more

    Affected Products : wpdiscuz
    • Published: Jan. 02, 2025
    • Modified: May. 29, 2025
    • Vuln Type: Authorization

  • 7.2

    HIGH
    CVE-2022-35772

    Azure Site Recovery Remote Code Execution Vulnerability... Read more

    • EPSS Score: %1.68
    • Published: Aug. 09, 2022
    • Modified: May. 29, 2025
Showing 20 of 291779 Results