CVE List – Find High-Risk & Exploited Vulnerabilities

Aggregating NVD, CVE, and multi-source threat feeds, this list provides deep analysis of high-risk threats such as RCE. By integrating CVSS and EPSS models, the system dynamically tracks Exp (Exploit) resources and PoC availability to accurately assess Exploitability. Combined with official Patches and remediation strategies, it helps prioritize Vulnerability Management workflows, significantly shortening response cycles and securing your critical assets.

Assigner (CNA / source):[email protected] Remove this filter

Showing 6180 of 17114 results
«« First « Prev Page 4 / 856 Next »
CVE Description Max CVSS EPSS % Published Updated
CVE-2026-57773 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Zorem Advanced Shipment Tracking for WooCommerce woo-advanced-shipment-tracking allows Blind SQL Injection.This issue affects Advanced Shipment Tracking for WooCommerce: from n/a through <= 4.0. 7.6 0.37% 2026-07-13 2026-07-13
CVE-2026-57772 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in WP Inventory WP Inventory Manager wp-inventory-manager allows Blind SQL Injection.This issue affects WP Inventory Manager: from n/a through <= 2.4.0. 8.5 0.25% 2026-07-13 2026-07-13
CVE-2026-57771 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Milan Petrovic GD Rating System gd-rating-system allows Blind SQL Injection.This issue affects GD Rating System: from n/a through <= 3.7. 8.5 0.25% 2026-07-13 2026-07-13
CVE-2026-57770 Deserialization of Untrusted Data vulnerability in ThemeGoods Grand Photography grandphotography allows Object Injection.This issue affects Grand Photography: from n/a through <= 5.7.8. 9.8 0.31% 2026-07-13 2026-07-13
CVE-2026-57768 Incorrect Privilege Assignment vulnerability in favethemes Houzez Login Register houzez-login-register allows Privilege Escalation.This issue affects Houzez Login Register: from n/a through <= 3.3.3. 8.2 0.23% 2026-07-13 2026-07-13
CVE-2026-57766 Unauthenticated Cross Site Request Forgery (CSRF) in WPIDE – File Manager & Code Editor <= 3.5.6 versions. 8.8 0.14% 2026-07-02 2026-07-02
CVE-2026-57765 Contributor SQL Injection in WP EasyCart <= 5.9.0 versions. 8.5 0.22% 2026-07-02 2026-07-02
CVE-2026-57764 Contributor Cross Site Scripting (XSS) in Surbma | Yoast SEO Breadcrumb Shortcode <= 1.2 versions. 6.5 0.14% 2026-07-02 2026-07-02
CVE-2026-57763 Contributor Cross Site Scripting (XSS) in Structured Content <= 1.7.0 versions. 6.5 0.14% 2026-07-02 2026-07-02
CVE-2026-57762 Author Cross Site Scripting (XSS) in Simple URLs <= 151 versions. 5.9 0.15% 2026-07-02 2026-07-02
CVE-2026-57761 Unauthenticated Cross Site Request Forgery (CSRF) in SEOWP <= 3.12.2 versions. 7.1 0.09% 2026-07-02 2026-07-02
CVE-2026-57760 Missing Authorization vulnerability in Sendcloud Sendcloud Shipping allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Sendcloud Shipping: from n/a through 1.0.29. 5.3 0.18% 2026-07-02 2026-07-02
CVE-2026-57759 Unauthenticated Cross Site Request Forgery (CSRF) in ProfileGrid <= 5.9.9.7 versions. 8.8 0.14% 2026-07-02 2026-07-02
CVE-2026-57758 Unauthenticated Cross Site Request Forgery (CSRF) in Permalink Manager for WooCommerce <= 1.0.8.2 versions. 7.1 0.09% 2026-07-02 2026-07-02
CVE-2026-57757 Unauthenticated Cross Site Request Forgery (CSRF) in pCloud WP Backup <= 2.0.2 versions. 7.1 0.12% 2026-07-02 2026-07-02
CVE-2026-57756 Contributor SQL Injection in nicen-localize-image <= 1.4.9 versions. 8.5 0.22% 2026-07-02 2026-07-02
CVE-2026-57755 Contributor Cross Site Scripting (XSS) in Mosaic Gallery &#8211; Advanced Gallery <= 1.2.0 versions. 6.5 0.14% 2026-07-02 2026-07-02
CVE-2026-57754 Contributor Cross Site Scripting (XSS) in Livemesh Addons for WPBakery Page Builder <= 3.9.4 versions. 6.5 0.14% 2026-07-02 2026-07-02
CVE-2026-57753 Unauthenticated Sensitive Data Exposure in Kit (formerly ConvertKit) for WooCommerce <= 2.1.5 versions. 5.3 0.21% 2026-07-02 2026-07-02
CVE-2026-57752 Contributor SQL Injection in iNET Webkit 1.2.4 versions. 8.5 0.29% 2026-07-02 2026-07-02
«« First « Prev Page 4 / 856 Next »
cvelogic Threat Intelligence