Aggregating NVD, CVE, and multi-source threat feeds, this list provides deep analysis of high-risk threats such as RCE. By integrating CVSS and EPSS models, the system dynamically tracks Exp (Exploit) resources and PoC availability to accurately assess Exploitability. Combined with official Patches and remediation strategies, it helps prioritize Vulnerability Management workflows, significantly shortening response cycles and securing your critical assets.
Assigner (CNA / source):[email protected] Remove this filter
| CVE | Description | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|
| CVE-2026-57773 | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Zorem Advanced Shipment Tracking for WooCommerce woo-advanced-shipment-tracking allows Blind SQL Injection.This issue affects Advanced Shipment Tracking for WooCommerce: from n/a through <= 4.0. | 7.6 | 0.37% | 2026-07-13 | 2026-07-13 |
| CVE-2026-57772 | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in WP Inventory WP Inventory Manager wp-inventory-manager allows Blind SQL Injection.This issue affects WP Inventory Manager: from n/a through <= 2.4.0. | 8.5 | 0.25% | 2026-07-13 | 2026-07-13 |
| CVE-2026-57771 | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Milan Petrovic GD Rating System gd-rating-system allows Blind SQL Injection.This issue affects GD Rating System: from n/a through <= 3.7. | 8.5 | 0.25% | 2026-07-13 | 2026-07-13 |
| CVE-2026-57770 | Deserialization of Untrusted Data vulnerability in ThemeGoods Grand Photography grandphotography allows Object Injection.This issue affects Grand Photography: from n/a through <= 5.7.8. | 9.8 | 0.31% | 2026-07-13 | 2026-07-13 |
| CVE-2026-57768 | Incorrect Privilege Assignment vulnerability in favethemes Houzez Login Register houzez-login-register allows Privilege Escalation.This issue affects Houzez Login Register: from n/a through <= 3.3.3. | 8.2 | 0.23% | 2026-07-13 | 2026-07-13 |
| CVE-2026-57766 | Unauthenticated Cross Site Request Forgery (CSRF) in WPIDE – File Manager & Code Editor <= 3.5.6 versions. | 8.8 | 0.14% | 2026-07-02 | 2026-07-02 |
| CVE-2026-57765 | Contributor SQL Injection in WP EasyCart <= 5.9.0 versions. | 8.5 | 0.22% | 2026-07-02 | 2026-07-02 |
| CVE-2026-57764 | Contributor Cross Site Scripting (XSS) in Surbma | Yoast SEO Breadcrumb Shortcode <= 1.2 versions. | 6.5 | 0.14% | 2026-07-02 | 2026-07-02 |
| CVE-2026-57763 | Contributor Cross Site Scripting (XSS) in Structured Content <= 1.7.0 versions. | 6.5 | 0.14% | 2026-07-02 | 2026-07-02 |
| CVE-2026-57762 | Author Cross Site Scripting (XSS) in Simple URLs <= 151 versions. | 5.9 | 0.15% | 2026-07-02 | 2026-07-02 |
| CVE-2026-57761 | Unauthenticated Cross Site Request Forgery (CSRF) in SEOWP <= 3.12.2 versions. | 7.1 | 0.09% | 2026-07-02 | 2026-07-02 |
| CVE-2026-57760 | Missing Authorization vulnerability in Sendcloud Sendcloud Shipping allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Sendcloud Shipping: from n/a through 1.0.29. | 5.3 | 0.18% | 2026-07-02 | 2026-07-02 |
| CVE-2026-57759 | Unauthenticated Cross Site Request Forgery (CSRF) in ProfileGrid <= 5.9.9.7 versions. | 8.8 | 0.14% | 2026-07-02 | 2026-07-02 |
| CVE-2026-57758 | Unauthenticated Cross Site Request Forgery (CSRF) in Permalink Manager for WooCommerce <= 1.0.8.2 versions. | 7.1 | 0.09% | 2026-07-02 | 2026-07-02 |
| CVE-2026-57757 | Unauthenticated Cross Site Request Forgery (CSRF) in pCloud WP Backup <= 2.0.2 versions. | 7.1 | 0.12% | 2026-07-02 | 2026-07-02 |
| CVE-2026-57756 | Contributor SQL Injection in nicen-localize-image <= 1.4.9 versions. | 8.5 | 0.22% | 2026-07-02 | 2026-07-02 |
| CVE-2026-57755 | Contributor Cross Site Scripting (XSS) in Mosaic Gallery – Advanced Gallery <= 1.2.0 versions. | 6.5 | 0.14% | 2026-07-02 | 2026-07-02 |
| CVE-2026-57754 | Contributor Cross Site Scripting (XSS) in Livemesh Addons for WPBakery Page Builder <= 3.9.4 versions. | 6.5 | 0.14% | 2026-07-02 | 2026-07-02 |
| CVE-2026-57753 | Unauthenticated Sensitive Data Exposure in Kit (formerly ConvertKit) for WooCommerce <= 2.1.5 versions. | 5.3 | 0.21% | 2026-07-02 | 2026-07-02 |
| CVE-2026-57752 | Contributor SQL Injection in iNET Webkit 1.2.4 versions. | 8.5 | 0.29% | 2026-07-02 | 2026-07-02 |