CVE List – Find High-Risk & Exploited Vulnerabilities

Aggregating NVD, CVE, and multi-source threat feeds, this list provides deep analysis of high-risk threats such as RCE. By integrating CVSS and EPSS models, the system dynamically tracks Exp (Exploit) resources and PoC availability to accurately assess Exploitability. Combined with official Patches and remediation strategies, it helps prioritize Vulnerability Management workflows, significantly shortening response cycles and securing your critical assets.

Assigner (CNA / source):[email protected] Remove this filter

Showing 101120 of 17114 results
«« First « Prev Page 6 / 856 Next »
CVE Description Max CVSS EPSS % Published Updated
CVE-2025-29005 Cross-Site Request Forgery (CSRF) vulnerability in Weblizar - WordPress Themes & Plugin HR Management Lite hr-management-lite allows Cross Site Request Forgery.This issue affects HR Management Lite: from n/a through <= 3.6. 4.3 0.05% 2025-06-06 2026-06-17
CVE-2025-28984 Cross-Site Request Forgery (CSRF) vulnerability in storepro Subscription Renewal Reminders for WooCommerce subscriptions-renewal-reminders allows Cross Site Request Forgery.This issue affects Subscription Renewal Reminders for WooCommerce: from n/a through <= 1.4.1. 4.3 0.05% 2025-06-06 2026-06-17
CVE-2025-28981 Cross-Site Request Forgery (CSRF) vulnerability in Soli WP Mail Options wp-mail-options allows Stored XSS.This issue affects WP Mail Options: from n/a through <= 0.2.3. 7.1 0.05% 2025-06-06 2026-06-17
CVE-2025-28974 Cross-Site Request Forgery (CSRF) vulnerability in mail250 Free WP Mail SMTP free-wp-mail-smtp allows Stored XSS.This issue affects Free WP Mail SMTP: from n/a through <= 1.0. 7.1 0.05% 2025-06-06 2026-06-17
CVE-2025-28966 Cross-Site Request Forgery (CSRF) vulnerability in dilemma123 Recent Posts Slider Responsive recent-posts-slider-responsive allows Stored XSS.This issue affects Recent Posts Slider Responsive: from n/a through <= 1.0.1. 7.1 0.05% 2025-06-06 2026-06-17
CVE-2025-28964 Cross-Site Request Forgery (CSRF) vulnerability in mangup Personal Favicon personal-favicon allows Stored XSS.This issue affects Personal Favicon: from n/a through <= 2.0. 7.1 0.05% 2025-06-06 2026-06-17
CVE-2025-28958 Cross-Site Request Forgery (CSRF) vulnerability in Vadim Bogaiskov Bg Orthodox Calendar bg-orthodox-calendar allows Stored XSS.This issue affects Bg Orthodox Calendar: from n/a through <= 0.13.10. 7.1 0.05% 2025-06-06 2026-06-17
CVE-2025-28952 Cross-Site Request Forgery (CSRF) vulnerability in Jonathan Lau CubePoints cubepoints allows Cross Site Request Forgery.This issue affects CubePoints: from n/a through <= 3.2.1. 4.3 0.05% 2025-06-06 2026-06-17
CVE-2025-28950 Cross-Site Request Forgery (CSRF) vulnerability in David Shabtai Post Author post-author allows Stored XSS.This issue affects Post Author: from n/a through <= 1.1.1. 7.1 0.05% 2025-06-06 2026-06-17
CVE-2025-27360 Cross-Site Request Forgery (CSRF) vulnerability in WP Corner Quick Event Calendar quick-event-calendar allows Cross Site Request Forgery.This issue affects Quick Event Calendar: from n/a through <= 1.4.9. 4.3 0.05% 2025-06-06 2026-06-17
CVE-2025-27359 Cross-Site Request Forgery (CSRF) vulnerability in Seerox WP Media File Type Manager wp-media-file-type-manager allows Cross Site Request Forgery.This issue affects WP Media File Type Manager: from n/a through <= 2.3.1. 4.3 0.05% 2025-06-06 2026-06-17
CVE-2025-24772 Cross-Site Request Forgery (CSRF) vulnerability in cmsMinds Pay with Contact Form 7 pay-with-contact-form-7 allows Cross Site Request Forgery.This issue affects Pay with Contact Form 7: from n/a through <= 1.0.4. 5.4 0.05% 2025-06-06 2026-06-17
CVE-2025-22634 Cross-Site Request Forgery (CSRF) vulnerability in MD Abu Jubayer Hossain Easy Booked – Appointment Booking and Scheduling Management System for WordPress easy-booked allows Cross Site Request Forgery.This issue affects Easy Booked – Appointment Booking and Scheduling Management System for WordPress: from n/a through <= 2.4.5. 5.4 0.05% 2025-03-27 2026-06-17
CVE-2025-58831 Cross-Site Request Forgery (CSRF) vulnerability in snagysandor Parallax Scrolling Enllax.js parallax-scrolling-enllax-js allows Cross Site Request Forgery.This issue affects Parallax Scrolling Enllax.js: from n/a through <= 0.0.6. 4.3 0.05% 2025-09-05 2026-06-17
CVE-2025-26768 Cross-Site Request Forgery (CSRF) vulnerability in what3words what3words Address Field 3-word-address-validation-field allows Stored XSS.This issue affects what3words Address Field: from n/a through <= 4.0.15. 7.1 0.05% 2025-02-16 2026-06-17
CVE-2025-26759 Cross-Site Request Forgery (CSRF) vulnerability in alexvtn Content Snippet Manager content-snippet-manager allows Stored XSS.This issue affects Content Snippet Manager: from n/a through <= 1.1.5. 7.1 0.05% 2025-02-16 2026-06-17
CVE-2025-62908 Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. N/A 0.05% 2025-10-26 2025-11-21
CVE-2025-52709 Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. N/A 0.05% 2025-06-27 2025-09-04
CVE-2025-25168 Cross-Site Request Forgery (CSRF) vulnerability in Black and White BookPress – For Book Authors book-press allows Cross-Site Scripting (XSS).This issue affects BookPress – For Book Authors: from n/a through <= 1.2.7. 7.1 0.05% 2025-02-07 2026-06-17
CVE-2025-25166 Cross-Site Request Forgery (CSRF) vulnerability in gabrieldarezzo InLocation inlocation allows Stored XSS.This issue affects InLocation: from n/a through <= 1.8. 7.1 0.05% 2025-02-07 2026-06-17
«« First « Prev Page 6 / 856 Next »
cvelogic Threat Intelligence