Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 8.8

    HIGH
    CVE-2024-47314

    Missing Authorization vulnerability in WP Sunshine Sunshine Photo Cart allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Sunshine Photo Cart: from n/a through 3.2.8.... Read more

    Affected Products : sunshine_photo_cart
    • Published: Nov. 01, 2024
    • Modified: Nov. 12, 2024

  • 9.8

    CRITICAL
    CVE-2024-47311

    Missing Authorization vulnerability in Kraft Plugins Wheel of Life allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Wheel of Life: from n/a through 1.1.8.... Read more

    Affected Products : wheel_of_life
    • Published: Nov. 01, 2024
    • Modified: Nov. 12, 2024

  • 9.8

    CRITICAL
    CVE-2024-47308

    Missing Authorization vulnerability in Templately allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Templately: from n/a through 3.1.2.... Read more

    Affected Products : templately
    • Published: Nov. 01, 2024
    • Modified: Nov. 12, 2024

  • 9.8

    CRITICAL
    CVE-2024-47302

    Missing Authorization vulnerability in WPManageNinja LLC Fluent Support allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Fluent Support: from n/a through 1.8.0.... Read more

    Affected Products : fluent_support
    • Published: Nov. 01, 2024
    • Modified: Nov. 12, 2024

  • 8.8

    HIGH
    CVE-2024-44052

    Missing Authorization vulnerability in HelloAsso allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects HelloAsso: from n/a through 1.1.10.... Read more

    Affected Products : helloasso
    • Published: Nov. 01, 2024
    • Modified: Nov. 08, 2024

  • 9.8

    CRITICAL
    CVE-2024-44038

    Missing Authorization vulnerability in WP Sunshine Sunshine Photo Cart allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Sunshine Photo Cart: from n/a through 3.2.9.... Read more

    Affected Products : sunshine_photo_cart
    • Published: Nov. 01, 2024
    • Modified: Nov. 08, 2024

  • 8.8

    HIGH
    CVE-2024-44031

    Missing Authorization vulnerability in BearDev JoomSport allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects JoomSport: from n/a through 5.6.3.... Read more

    Affected Products : joomsport
    • Published: Nov. 01, 2024
    • Modified: Nov. 08, 2024

  • 8.8

    HIGH
    CVE-2024-44021

    Missing Authorization vulnerability in Truepush allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Truepush: from n/a through 1.0.8.... Read more

    Affected Products : truepush
    • Published: Nov. 01, 2024
    • Modified: Nov. 08, 2024

  • 8.8

    HIGH
    CVE-2024-44020

    Missing Authorization vulnerability in Prasad Kirpekar WP Free SSL – Free SSL Certificate for WordPress and force HTTPS allows . This issue affects WP Free SSL – Free SSL Certificate for WordPress and force HTTPS: from n/a through 1.2.6.... Read more

    Affected Products : wp_free_ssl
    • Published: Nov. 01, 2024
    • Modified: Nov. 08, 2024

  • 9.8

    CRITICAL
    CVE-2024-44019

    Missing Authorization vulnerability in Renzo Johnson Contact Form 7 Campaign Monitor Extension allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Contact Form 7 Campaign Monitor Extension: from n/a through 0.4.67.... Read more

    • Published: Nov. 01, 2024
    • Modified: Nov. 08, 2024

  • 8.8

    HIGH
    CVE-2024-44006

    Missing Authorization vulnerability in OnTheGoSystems WooCommerce Multilingual & Multicurrency multilingual allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WooCommerce Multilingual & Multicurrency: from n/a throu... Read more

    • Published: Nov. 01, 2024
    • Modified: Nov. 08, 2024

  • 9.8

    CRITICAL
    CVE-2024-43998

    Missing Authorization vulnerability in WebsiteinWP Blogpoet allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Blogpoet: from n/a through 1.0.3.... Read more

    Affected Products : blogpoet
    • Published: Nov. 01, 2024
    • Modified: Nov. 08, 2024

  • 8.8

    HIGH
    CVE-2024-43982

    Missing Authorization vulnerability in Geek Code Lab Login As Users allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Login As Users: from n/a through 1.4.3.... Read more

    Affected Products : login_as_users
    • Published: Nov. 01, 2024
    • Modified: Nov. 08, 2024

  • 8.8

    HIGH
    CVE-2024-43981

    Missing Authorization vulnerability in AyeCode – WP Business Directory Plugins GeoDirectory allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects GeoDirectory: from n/a through 2.3.70.... Read more

    Affected Products : geodirectory
    • Published: Nov. 01, 2024
    • Modified: Nov. 08, 2024

  • 9.8

    CRITICAL
    CVE-2024-43980

    Missing Authorization vulnerability in CozyThemes Fota WP allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Fota WP: from n/a through 1.4.1.... Read more

    Affected Products : fotawp
    • Published: Nov. 01, 2024
    • Modified: Nov. 08, 2024

  • 9.8

    CRITICAL
    CVE-2024-43979

    Missing Authorization vulnerability in CozyThemes Blockbooster allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Blockbooster: from n/a through 1.0.10.... Read more

    Affected Products : blockbooster
    • Published: Nov. 01, 2024
    • Modified: Nov. 08, 2024

  • 9.8

    CRITICAL
    CVE-2024-43974

    Missing Authorization vulnerability in CozyThemes ReviveNews allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects ReviveNews: from n/a through 1.0.2.... Read more

    Affected Products : revivenews
    • Published: Nov. 01, 2024
    • Modified: Nov. 08, 2024

  • 8.8

    HIGH
    CVE-2024-43973

    Missing Authorization vulnerability in AyeCode Ltd GetPaid allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects GetPaid: from n/a through 2.8.11.... Read more

    Affected Products : getpaid
    • Published: Nov. 01, 2024
    • Modified: Nov. 08, 2024

  • 8.8

    HIGH
    CVE-2024-43968

    Broken Access Control vulnerability in Automattic Newspack allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Newspack: from n/a through 3.8.6.... Read more

    Affected Products : newspack
    • Published: Nov. 01, 2024
    • Modified: Nov. 08, 2024

  • 8.8

    HIGH
    CVE-2024-43962

    Missing Authorization vulnerability in LWS LWS Affiliation allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects LWS Affiliation: from n/a through 2.3.4.... Read more

    Affected Products : affiliation
    • Published: Nov. 01, 2024
    • Modified: Nov. 08, 2024
Showing 20 of 293633 Results