Aggregating NVD, CVE, and multi-source threat feeds, this list provides deep analysis of high-risk threats such as RCE. By integrating CVSS and EPSS models, the system dynamically tracks Exp (Exploit) resources and PoC availability to accurately assess Exploitability. Combined with official Patches and remediation strategies, it helps prioritize Vulnerability Management workflows, significantly shortening response cycles and securing your critical assets.
Assigner (CNA / source):[email protected] Remove this filter
| CVE | Description | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|
| CVE-2026-57631 | Administrator SQL Injection in Popup box <= 6.0.1 versions. | 7.6 | 0.28% | 2026-06-26 | 2026-06-26 |
| CVE-2026-57630 | Unauthenticated Insecure Direct Object References (IDOR) in Blocksy Companion Pro <= 2.1.46 versions. | 5.3 | 0.23% | 2026-06-26 | 2026-06-26 |
| CVE-2026-57629 | Contributor Cross Site Scripting (XSS) in StatCounter <= 2.1.1 versions. | 6.5 | 0.16% | 2026-06-26 | 2026-06-29 |
| CVE-2026-57628 | Administrator SQL Injection in WP All Import <= 4.0.1 versions. | 7.6 | 0.28% | 2026-06-26 | 2026-06-26 |
| CVE-2026-57627 | Subscriber Server Side Request Forgery (SSRF) in Kirki <= 6.0.11 versions. | 4.9 | 0.18% | 2026-06-26 | 2026-06-26 |
| CVE-2026-57622 | Subscriber Broken Access Control in WPCafe <= 3.0.14 versions. | 4.3 | 0.26% | 2026-06-26 | 2026-06-26 |
| CVE-2026-57620 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Tim Strifler Exclusive Addons Elementor allows Stored XSS. This issue affects Exclusive Addons Elementor: from n/a through 2.7.9.8. | 6.5 | 0.13% | 2026-06-26 | 2026-06-26 |
| CVE-2026-57619 | Contributor Sensitive Data Exposure in Elementor Website Builder <= 4.1.3 versions. | 6.5 | 0.27% | 2026-06-25 | 2026-06-25 |
| CVE-2026-57618 | Contributor Cross Site Scripting (XSS) in Neve PRO <= 3.1.2 versions. | 6.5 | 0.16% | 2026-06-26 | 2026-06-26 |
| CVE-2026-57617 | Contributor Cross Site Scripting (XSS) in SeedProd Pro < 6.19.5 versions. | 6.5 | 0.16% | 2026-06-26 | 2026-06-26 |
| CVE-2026-57431 | Author Cross Site Scripting (XSS) in Featured Image <= 2.1 versions. | 6.5 | 0.16% | 2026-06-26 | 2026-06-29 |
| CVE-2026-57430 | Contributor Broken Access Control in SEOPress PRO <= 9.1.1 versions. | 4.3 | 0.18% | 2026-06-26 | 2026-06-26 |
| CVE-2026-57429 | Contributor Broken Access Control in Slim SEO <= 4.6.2 versions. | 6.5 | 0.25% | 2026-06-25 | 2026-06-25 |
| CVE-2026-57346 | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Epiphyt Embed Privacy allows Path Traversal. This issue affects Embed Privacy: from n/a through 1.12.3. | 7.1 | 0.27% | 2026-06-29 | 2026-06-29 |
| CVE-2026-57341 | Unauthenticated Insecure Direct Object References (IDOR) in Colissimo Officiel : Méthodes de livraison pour WooCommerce <= 2.9.0 versions. | 6.5 | 0.26% | 2026-06-29 | 2026-06-29 |
| CVE-2026-57340 | Unauthenticated Broken Access Control in Japanized For WooCommerce <= 2.9.12 versions. | 6.5 | 0.20% | 2026-06-29 | 2026-06-29 |
| CVE-2026-57339 | Unauthenticated Broken Access Control in Business Directory <= 6.4.23 versions. | 6.5 | 0.20% | 2026-06-29 | 2026-06-29 |
| CVE-2026-57338 | Unauthenticated Cross Site Scripting (XSS) in ARForms <= 7.1.2 versions. | 7.1 | 0.15% | 2026-06-29 | 2026-06-29 |
| CVE-2026-57337 | Unauthenticated Cross Site Scripting (XSS) in Landing Page Builder <= 1.5.3.5 versions. | 7.1 | 0.15% | 2026-06-29 | 2026-06-29 |
| CVE-2026-57336 | Unauthenticated Cross Site Scripting (XSS) in Jobify <= 4.3.2 versions. | 7.1 | 0.15% | 2026-06-29 | 2026-06-29 |