Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
Following is the list of latest published vulnerabilities. You can filter the list based on the severity of the vulnerability, whether it is actively exploited (also known as CISA KEV List) or remotely exploitable. You can also sort the list based on the published date, last updated date, or CVSS score.
Latest Critical Actively Exploited Remotely Exploitable
Published Last Updated CVSS Score

  • 8.8

    HIGH
    CVE-2024-43296

    Missing Authorization vulnerability in bPlugins LLC Flash & HTML5 Video allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Flash & HTML5 Video: from n/a through 2.5.30.... Read more

    Affected Products : html5_video_player
    • Published: Nov. 01, 2024
    • Modified: Nov. 13, 2024

  • 8.8

    HIGH
    CVE-2024-43293

    Missing Authorization vulnerability in WPZOOM Recipe Card Blocks for Gutenberg & Elementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Recipe Card Blocks for Gutenberg & Elementor: from n/a through 3.3.1.... Read more

    • Published: Nov. 01, 2024
    • Modified: Nov. 13, 2024

  • 5.3

    MEDIUM
    CVE-2024-43290

    Missing Authorization vulnerability in Atarim allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Atarim: from n/a through 4.0.1.... Read more

    Affected Products :
    • Published: Nov. 01, 2024
    • Modified: Nov. 01, 2024

  • 6.3

    MEDIUM
    CVE-2024-43285

    Missing Authorization vulnerability in Presto Made, Inc Presto Player allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Presto Player: from n/a through 3.0.2.... Read more

    Affected Products :
    • Published: Nov. 01, 2024
    • Modified: Nov. 01, 2024

  • 5.3

    MEDIUM
    CVE-2024-43277

    Missing Authorization vulnerability in AyeCode Ltd UsersWP allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects UsersWP: from n/a through 1.2.15.... Read more

    Affected Products : userswp
    • Published: Nov. 01, 2024
    • Modified: Nov. 01, 2024

  • 5.8

    MEDIUM
    CVE-2024-43274

    Missing Authorization vulnerability in JS Help Desk JS Help Desk – Best Help Desk & Support Plugin allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects JS Help Desk – Best Help Desk & Support Plugin: from n/a through 2.8.6.... Read more

    Affected Products :
    • Published: Nov. 01, 2024
    • Modified: Nov. 01, 2024

  • 5.4

    MEDIUM
    CVE-2024-43273

    Missing Authorization vulnerability in icegram Icegram Collect plugin allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Icegram Collect plugin: from n/a through 1.3.14.... Read more

    Affected Products :
    • Published: Nov. 01, 2024
    • Modified: Nov. 01, 2024

  • 5.3

    MEDIUM
    CVE-2024-43270

    Missing Authorization vulnerability in WPBackItUp Backup and Restore WordPress allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Backup and Restore WordPress: from n/a through 1.50.... Read more

    Affected Products : backup_and_restore_wordpress
    • Published: Nov. 01, 2024
    • Modified: Nov. 01, 2024

  • 5.4

    MEDIUM
    CVE-2024-43268

    Access Control vulnerability in WPBackItUp Backup and Restore WordPress allows . This issue affects Backup and Restore WordPress: from n/a through 1.50.... Read more

    Affected Products : backup_and_restore_wordpress
    • Published: Nov. 01, 2024
    • Modified: Nov. 01, 2024

  • 5.4

    MEDIUM
    CVE-2024-43260

    Missing Authorization vulnerability in Creative Motion Clearfy Cache allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Clearfy Cache: from n/a through 2.2.4.... Read more

    Affected Products :
    • Published: Nov. 01, 2024
    • Modified: Nov. 01, 2024

  • 8.8

    HIGH
    CVE-2024-43254

    Missing Authorization vulnerability in Zaytech Smart Online Order for Clover allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Smart Online Order for Clover: from n/a through 1.5.6.... Read more

    Affected Products : smart_online_order_for_clover
    • Published: Nov. 01, 2024
    • Modified: Feb. 10, 2025

  • 9.8

    CRITICAL
    CVE-2024-43253

    Missing Authorization vulnerability in Zaytech Smart Online Order for Clover allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Smart Online Order for Clover: from n/a through 1.5.6.... Read more

    Affected Products : smart_online_order_for_clover
    • Published: Nov. 01, 2024
    • Modified: Feb. 10, 2025

  • 7.1

    HIGH
    CVE-2024-43235

    Missing Authorization vulnerability in MetaBox.Io Meta Box – WordPress Custom Fields Framework allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Meta Box – WordPress Custom Fields Framework: from n/a through 5.9.10... Read more

    Affected Products :
    • Published: Nov. 01, 2024
    • Modified: Nov. 01, 2024

  • 4.3

    MEDIUM
    CVE-2024-43229

    Missing Authorization vulnerability in Cornel Raiu WP Search Analytics allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Search Analytics: from n/a through 1.4.9.... Read more

    Affected Products :
    • Published: Nov. 01, 2024
    • Modified: Nov. 01, 2024

  • 8.8

    HIGH
    CVE-2024-43223

    Missing Authorization vulnerability in EventPrime Events EventPrime allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects EventPrime: from n/a through 4.0.3.2.... Read more

    Affected Products : eventprime eventprime
    • Published: Nov. 01, 2024
    • Modified: Aug. 12, 2025

  • 5.3

    MEDIUM
    CVE-2024-43219

    Missing Authorization vulnerability in ووکامرس فارسی Persian WooCommerce allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Persian WooCommerce: from n/a through 7.1.6.... Read more

    Affected Products :
    • Published: Nov. 01, 2024
    • Modified: Nov. 05, 2024

  • 4.3

    MEDIUM
    CVE-2024-43215

    Missing Authorization vulnerability in creativemotion Social Slider Feed allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Social Slider Feed: from n/a through 2.2.2.... Read more

    Affected Products : social_slider_widget
    • Published: Nov. 01, 2024
    • Modified: Nov. 01, 2024

  • 7.5

    HIGH
    CVE-2024-43212

    Missing Authorization vulnerability in MagePeople Team WpTravelly allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects WpTravelly: from n/a through 1.7.7.... Read more

    Affected Products :
    • Published: Nov. 01, 2024
    • Modified: Nov. 01, 2024

  • 5.9

    MEDIUM
    CVE-2024-43211

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in PluginOps MailChimp Subscribe Forms allows Stored XSS.This issue affects MailChimp Subscribe Forms : from n/a through 4.0.9.9.... Read more

    Affected Products : mailchimp_subscribe_form
    • Published: Nov. 01, 2024
    • Modified: Nov. 19, 2024

  • 6.5

    MEDIUM
    CVE-2024-43209

    Missing Authorization vulnerability in Bitly allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Bitly: from n/a through 2.7.2.... Read more

    Affected Products :
    • Published: Nov. 01, 2024
    • Modified: Nov. 01, 2024
Showing 20 of 293654 Results