CVE List – Find High-Risk & Exploited Vulnerabilities

Aggregating NVD, CVE, and multi-source threat feeds, this list provides deep analysis of high-risk threats such as RCE. By integrating CVSS and EPSS models, the system dynamically tracks Exp (Exploit) resources and PoC availability to accurately assess Exploitability. Combined with official Patches and remediation strategies, it helps prioritize Vulnerability Management workflows, significantly shortening response cycles and securing your critical assets.

Assigner (CNA / source):[email protected] Remove this filter

Showing 4160 of 16855 results
«« First « Prev Page 3 / 843 Next »
CVE Description Max CVSS EPSS % Published Updated
CVE-2026-57631 Administrator SQL Injection in Popup box <= 6.0.1 versions. 7.6 0.28% 2026-06-26 2026-06-26
CVE-2026-57630 Unauthenticated Insecure Direct Object References (IDOR) in Blocksy Companion Pro <= 2.1.46 versions. 5.3 0.23% 2026-06-26 2026-06-26
CVE-2026-57629 Contributor Cross Site Scripting (XSS) in StatCounter <= 2.1.1 versions. 6.5 0.16% 2026-06-26 2026-06-29
CVE-2026-57628 Administrator SQL Injection in WP All Import <= 4.0.1 versions. 7.6 0.28% 2026-06-26 2026-06-26
CVE-2026-57627 Subscriber Server Side Request Forgery (SSRF) in Kirki <= 6.0.11 versions. 4.9 0.18% 2026-06-26 2026-06-26
CVE-2026-57622 Subscriber Broken Access Control in WPCafe <= 3.0.14 versions. 4.3 0.26% 2026-06-26 2026-06-26
CVE-2026-57620 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Tim Strifler Exclusive Addons Elementor allows Stored XSS. This issue affects Exclusive Addons Elementor: from n/a through 2.7.9.8. 6.5 0.13% 2026-06-26 2026-06-26
CVE-2026-57619 Contributor Sensitive Data Exposure in Elementor Website Builder <= 4.1.3 versions. 6.5 0.27% 2026-06-25 2026-06-25
CVE-2026-57618 Contributor Cross Site Scripting (XSS) in Neve PRO <= 3.1.2 versions. 6.5 0.16% 2026-06-26 2026-06-26
CVE-2026-57617 Contributor Cross Site Scripting (XSS) in SeedProd Pro < 6.19.5 versions. 6.5 0.16% 2026-06-26 2026-06-26
CVE-2026-57431 Author Cross Site Scripting (XSS) in Featured Image <= 2.1 versions. 6.5 0.16% 2026-06-26 2026-06-29
CVE-2026-57430 Contributor Broken Access Control in SEOPress PRO <= 9.1.1 versions. 4.3 0.18% 2026-06-26 2026-06-26
CVE-2026-57429 Contributor Broken Access Control in Slim SEO <= 4.6.2 versions. 6.5 0.25% 2026-06-25 2026-06-25
CVE-2026-57346 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Epiphyt Embed Privacy allows Path Traversal. This issue affects Embed Privacy: from n/a through 1.12.3. 7.1 0.27% 2026-06-29 2026-06-29
CVE-2026-57341 Unauthenticated Insecure Direct Object References (IDOR) in Colissimo Officiel : Méthodes de livraison pour WooCommerce <= 2.9.0 versions. 6.5 0.26% 2026-06-29 2026-06-29
CVE-2026-57340 Unauthenticated Broken Access Control in Japanized For WooCommerce <= 2.9.12 versions. 6.5 0.20% 2026-06-29 2026-06-29
CVE-2026-57339 Unauthenticated Broken Access Control in Business Directory <= 6.4.23 versions. 6.5 0.20% 2026-06-29 2026-06-29
CVE-2026-57338 Unauthenticated Cross Site Scripting (XSS) in ARForms <= 7.1.2 versions. 7.1 0.15% 2026-06-29 2026-06-29
CVE-2026-57337 Unauthenticated Cross Site Scripting (XSS) in Landing Page Builder <= 1.5.3.5 versions. 7.1 0.15% 2026-06-29 2026-06-29
CVE-2026-57336 Unauthenticated Cross Site Scripting (XSS) in Jobify <= 4.3.2 versions. 7.1 0.15% 2026-06-29 2026-06-29
«« First « Prev Page 3 / 843 Next »
cvelogic Threat Intelligence