CVE List – Find High-Risk & Exploited Vulnerabilities

Aggregating NVD, CVE, and multi-source threat feeds, this list provides deep analysis of high-risk threats such as RCE. By integrating CVSS and EPSS models, the system dynamically tracks Exp (Exploit) resources and PoC availability to accurately assess Exploitability. Combined with official Patches and remediation strategies, it helps prioritize Vulnerability Management workflows, significantly shortening response cycles and securing your critical assets.

Assigner (CNA / source):[email protected] Remove this filter

Showing 101120 of 16964 results
«« First « Prev Page 6 / 849 Next »
CVE Description Max CVSS EPSS % Published Updated
CVE-2022-25610 Unauthenticated Stored Cross-Site Scripting (XSS) in Simple Ajax Chat <= 20220115 allows an attacker to store the malicious code. However, the attack requires specific conditions, making it hard to exploit. 3.4 0.69% 2022-03-25 2026-06-17
CVE-2022-25611 Authenticated Stored Cross-Site Scripting (XSS) in Simple Event Planner plugin <= 1.5.4 allows attackers with contributor or higher user roles to inject the malicious script by using vulnerable parameter &custom[add_seg][]. 4.1 0.55% 2022-03-25 2026-06-17
CVE-2022-25612 Multiple Authenticated Persistent Cross-Site Scripting (XSS) vulnerabilities in Simple Event Planner WordPress plugin <= 1.5.4 allows user with author or higher user rights inject the malicious code via vulnerable parameters: &custom[event_organiser], &custom[organiser_email], &custom[organiser_contact]. 4.1 0.55% 2022-03-25 2026-06-17
CVE-2022-25613 Authenticated Persistent Cross-Site Scripting (XSS) vulnerability in FV Flowplayer Video Player (WordPress plugin) versions <= 7.5.18.727 via &fv_wp_flowplayer_field_splash parameter. 4.1 0.54% 2022-04-04 2026-06-17
CVE-2022-25614 Cross-Site Request Forgery (CSRF) in StylemixThemes eRoom – Zoom Meetings & Webinar (WordPress plugin) <= 1.3.7 allows an attacker to Sync with Zoom Meetings. 4.3 0.42% 2022-04-11 2026-06-17
CVE-2022-25615 Cross-Site Request Forgery (CSRF) in StylemixThemes eRoom – Zoom Meetings & Webinar (WordPress plugin) <= 1.3.8 allows cache deletion. 4.3 0.42% 2022-04-11 2026-06-17
CVE-2022-25617 Reflected Cross-Site Scripting (XSS) vulnerability in Code Snippets plugin <= 2.14.3 at WordPress via &orderby vulnerable parameter. 4.7 0.76% 2022-05-18 2026-06-17
CVE-2022-25618 Authenticated (admin+) Stored Cross-Site Scripting (XSS) vulnerability in wpDataTables (WordPress plugin) versions <= 2.1.27 3.4 0.53% 2022-04-04 2026-06-17
CVE-2022-25649 Multiple Improper Access Control vulnerabilities in StoreApps Affiliate For WooCommerce premium plugin <= 4.7.0 at WordPress. 5.0 0.69% 2022-08-05 2026-06-17
CVE-2022-25952 Cross-Site Request Forgery (CSRF) vulnerability in Keywordrush Content Egg plugin <= 5.4.0 on WordPress. 4.3 0.28% 2022-11-03 2026-06-17
CVE-2022-26366 Cross-Site Request Forgery (CSRF) in AdRotate Banner Manager Plugin <= 5.9 on WordPress. 5.4 0.26% 2022-11-30 2026-06-17
CVE-2022-26375 Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Mammothology AB Press Optimizer plugin <= 1.1.1 on WordPress. 4.8 0.40% 2022-10-17 2026-06-17
CVE-2022-27235 Multiple Broken Access Control vulnerabilities in Social Share Buttons by Supsystic plugin <= 2.2.3 at WordPress. 6.3 0.69% 2022-07-22 2026-06-17
CVE-2022-27628 Cross-Site Request Forgery (CSRF) vulnerability in AA-Team WZone – Lite Version plugin 3.1 Lite versions. 4.7 0.23% 2023-02-06 2026-06-17
CVE-2022-27844 Arbitrary File Read vulnerability in WPvivid Team Migration, Backup, Staging – WPvivid (WordPress plugin) versions <= 0.9.70 2.7 1.42% 2022-04-11 2026-06-17
CVE-2022-27845 Authenticated (admin or higher user role) Stored Cross-Site Scripting (XSS) in PlausibleHQ Plausible Analytics (WordPress plugin) <= 1.2.2 4.8 0.81% 2022-04-11 2026-06-17
CVE-2022-27846 Cross-Site Request Forgery (CSRF) vulnerability in Yooslider Yoo Slider <= 2.0.0 on WordPress allows attackers to create or modify slider. 4.3 0.40% 2022-04-13 2026-06-17
CVE-2022-27847 Cross-Site Request Forgery (CSRF) vulnerability in Yooslider Yoo Slider <= 2.0.0 on WordPress allows attackers to import templates. 4.3 0.40% 2022-04-13 2026-06-17
CVE-2022-27848 Authenticated (admin+ user) Stored Cross-Site Scripting (XSS) in Modern Events Calendar Lite (WordPress plugin) <= 6.5.1 3.4 0.53% 2022-04-14 2026-06-17
CVE-2022-27849 Sensitive Information Disclosure (sac-export.csv) in Simple Ajax Chat (WordPress plugin) <= 20220115 5.3 4.62% 2022-04-15 2026-06-17
«« First « Prev Page 6 / 849 Next »
cvelogic Threat Intelligence