Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 9.8

    CRITICAL
    CVE-2024-43980

    Missing Authorization vulnerability in CozyThemes Fota WP allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Fota WP: from n/a through 1.4.1.... Read more

    Affected Products : fotawp
    • Published: Nov. 01, 2024
    • Modified: Nov. 08, 2024

  • 9.8

    CRITICAL
    CVE-2024-43979

    Missing Authorization vulnerability in CozyThemes Blockbooster allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Blockbooster: from n/a through 1.0.10.... Read more

    Affected Products : blockbooster
    • Published: Nov. 01, 2024
    • Modified: Nov. 08, 2024

  • 9.8

    CRITICAL
    CVE-2024-43974

    Missing Authorization vulnerability in CozyThemes ReviveNews allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects ReviveNews: from n/a through 1.0.2.... Read more

    Affected Products : revivenews
    • Published: Nov. 01, 2024
    • Modified: Nov. 08, 2024

  • 8.8

    HIGH
    CVE-2024-43973

    Missing Authorization vulnerability in AyeCode Ltd GetPaid allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects GetPaid: from n/a through 2.8.11.... Read more

    Affected Products : getpaid
    • Published: Nov. 01, 2024
    • Modified: Nov. 08, 2024

  • 8.8

    HIGH
    CVE-2024-43968

    Broken Access Control vulnerability in Automattic Newspack allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Newspack: from n/a through 3.8.6.... Read more

    Affected Products : newspack
    • Published: Nov. 01, 2024
    • Modified: Nov. 08, 2024

  • 8.8

    HIGH
    CVE-2024-43962

    Missing Authorization vulnerability in LWS LWS Affiliation allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects LWS Affiliation: from n/a through 2.3.4.... Read more

    Affected Products : affiliation
    • Published: Nov. 01, 2024
    • Modified: Nov. 08, 2024

  • 9.8

    CRITICAL
    CVE-2024-43956

    Missing Authorization vulnerability in Caseproof, LLC Memberpress allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Memberpress: from n/a through 1.11.34.... Read more

    Affected Products : memberpress
    • Published: Nov. 01, 2024
    • Modified: Nov. 08, 2024

  • 6.4

    MEDIUM
    CVE-2024-43937

    Missing Authorization vulnerability in Themeum WP Crowdfunding allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Crowdfunding: from n/a through 2.1.10.... Read more

    Affected Products : wp_crowdfunding
    • Published: Nov. 01, 2024
    • Modified: Nov. 08, 2024

  • 8.8

    HIGH
    CVE-2024-43932

    Missing Authorization vulnerability in POSIMYTH The Plus Addons for Elementor Page Builder Lite allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects The Plus Addons for Elementor Page Builder Lite: from n/a through 5.... Read more

    Affected Products : the_plus_addons_for_elementor
    • Published: Nov. 01, 2024
    • Modified: Nov. 13, 2024

  • 9.8

    CRITICAL
    CVE-2024-43929

    Missing Authorization vulnerability in eyecix JobSearch allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects JobSearch: from n/a through 2.5.4.... Read more

    Affected Products : jobsearch_wp_job_board
    • Published: Nov. 01, 2024
    • Modified: Nov. 12, 2024

  • 8.8

    HIGH
    CVE-2024-43928

    Missing Authorization vulnerability in eyecix JobSearch allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects JobSearch: from n/a through 2.5.4.... Read more

    Affected Products : jobsearch_wp_job_board
    • Published: Nov. 01, 2024
    • Modified: Nov. 12, 2024

  • 8.8

    HIGH
    CVE-2024-43925

    Missing Authorization vulnerability in Envira Gallery Team Envira Photo Gallery allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Envira Photo Gallery: from n/a through 1.8.14.... Read more

    Affected Products : envira_gallery
    • Published: Nov. 01, 2024
    • Modified: Nov. 13, 2024

  • 9.8

    CRITICAL
    CVE-2024-43923

    Missing Authorization vulnerability in Arraytics Timetics allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Timetics: from n/a through 1.0.23.... Read more

    Affected Products : wp_timetics
    • Published: Nov. 01, 2024
    • Modified: Nov. 13, 2024

  • 9.8

    CRITICAL
    CVE-2024-43919

    Access Control vulnerability in YARPP YARPP allows . This issue affects YARPP: from n/a through 5.30.10.... Read more

    Affected Products : yet_another_related_posts_plugin
    • Published: Nov. 01, 2024
    • Modified: Nov. 13, 2024

  • 8.8

    HIGH
    CVE-2024-43355

    Missing Authorization vulnerability in BearDev JoomSport allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects JoomSport: from n/a through 5.3.0.... Read more

    Affected Products : joomsport
    • Published: Nov. 01, 2024
    • Modified: Nov. 13, 2024

  • 8.8

    HIGH
    CVE-2024-43343

    Missing Authorization vulnerability in Etoile Web Design Order Tracking allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Order Tracking: from n/a through 3.3.12.... Read more

    Affected Products : order_tracking
    • Published: Nov. 01, 2024
    • Modified: Nov. 13, 2024

  • 9.8

    CRITICAL
    CVE-2024-43341

    Missing Authorization vulnerability in CozyThemes Hello Agency allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Hello Agency: from n/a through 1.0.5.... Read more

    Affected Products : hello_agency
    • Published: Nov. 01, 2024
    • Modified: Nov. 13, 2024

  • 8.8

    HIGH
    CVE-2024-43332

    Missing Authorization vulnerability in Jordy Meow Photo Engine allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Photo Engine: from n/a through 6.4.0.... Read more

    Affected Products : photo_engine
    • Published: Nov. 01, 2024
    • Modified: Nov. 13, 2024

  • 9.8

    CRITICAL
    CVE-2024-43323

    Missing Authorization vulnerability in ReviewX ReviewX allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects ReviewX: from n/a through 1.6.28.... Read more

    Affected Products : reviewx
    • Published: Nov. 01, 2024
    • Modified: Nov. 19, 2024

  • 8.8

    HIGH
    CVE-2024-43314

    Missing Authorization vulnerability in Gabe Livan Asset CleanUp: Page Speed Booster allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Asset CleanUp: Page Speed Booster: from n/a through 1.3.9.3.... Read more

    Affected Products : asset_cleanup
    • Published: Nov. 01, 2024
    • Modified: Nov. 13, 2024
Showing 20 of 293639 Results