CVE List – Find High-Risk & Exploited Vulnerabilities

Aggregating NVD, CVE, and multi-source threat feeds, this list provides deep analysis of high-risk threats such as RCE. By integrating CVSS and EPSS models, the system dynamically tracks Exp (Exploit) resources and PoC availability to accurately assess Exploitability. Combined with official Patches and remediation strategies, it helps prioritize Vulnerability Management workflows, significantly shortening response cycles and securing your critical assets.

Assigner (CNA / source):[email protected] Remove this filter

Showing 141160 of 16964 results
«« First « Prev Page 8 / 849 Next »
CVE Description Max CVSS EPSS % Published Updated
CVE-2022-42699 Auth. Remote Code Execution vulnerability in Easy WP SMTP plugin <= 1.5.1 on WordPress. 9.1 1.32% 2022-12-06 2026-06-17
CVE-2025-60188 Insertion of Sensitive Information Into Sent Data vulnerability in Vito Peleg Atarim atarim-visual-collaboration allows Retrieve Embedded Sensitive Data.This issue affects Atarim: from n/a through <= 4.2.1. 7.5 1.31% 2025-11-06 2026-06-17
CVE-2025-48281 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in mystyleplatform MyStyle Custom Product Designer mystyle-custom-product-designer allows Blind SQL Injection.This issue affects MyStyle Custom Product Designer: from n/a through <= 3.21.1. 9.3 1.31% 2025-06-09 2026-06-17
CVE-2024-32136 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Xenioushk BWL Advanced FAQ Manager.This issue affects BWL Advanced FAQ Manager: from n/a through 2.0.3. 7.6 1.31% 2024-04-15 2026-06-17
CVE-2026-42647 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Beardev JoomSport allows Blind SQL Injection. This issue affects JoomSport: from n/a through 5.7.7. 9.3 1.30% 2026-06-11 2026-06-17
CVE-2024-50509 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Chetan Khandla Woocommerce Product Design woo-product-design allows Path Traversal.This issue affects Woocommerce Product Design: from n/a through <= 1.0.0. 8.6 1.30% 2024-10-30 2026-06-17
CVE-2023-25699 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability in VideoWhisper.Com VideoWhisper Live Streaming Integration allows OS Command Injection.This issue affects VideoWhisper Live Streaming Integration: from n/a through 5.5.15. 9.0 1.29% 2024-04-03 2026-06-17
CVE-2023-45657 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in POSIMYTH Nexter allows SQL Injection.This issue affects Nexter: from n/a through 2.0.3. 8.5 1.28% 2023-11-06 2026-06-17
CVE-2025-62039 Insertion of Sensitive Information Into Sent Data vulnerability in Ays Pro AI ChatBot with ChatGPT and Content Generator by AYS ays-chatgpt-assistant allows Retrieve Embedded Sensitive Data.This issue affects AI ChatBot with ChatGPT and Content Generator by AYS: from n/a through <= 2.6.6. 7.5 1.27% 2025-11-06 2026-06-17
CVE-2023-46197 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in supsystic.Com Popup by Supsystic allows Relative Path Traversal.This issue affects Popup by Supsystic: from n/a through 1.10.19. 5.3 1.27% 2024-05-17 2026-06-17
CVE-2022-34858 Authentication Bypass vulnerability in miniOrange OAuth 2.0 client for SSO plugin <= 1.11.3 at WordPress. 9.8 1.27% 2022-08-22 2026-06-17
CVE-2022-25602 Nonce token leak vulnerability leading to arbitrary file upload, theme deletion, plugin settings change discovered in Responsive Menu WordPress plugin (versions <= 4.1.7). 8.3 1.26% 2022-03-18 2026-06-17
CVE-2024-37091 Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability in StylemixThemes Consulting Elementor Widgets, StylemixThemes Masterstudy Elementor Widgets allows OS Command Injection.This issue affects Consulting Elementor Widgets: from n/a through 1.3.0; Masterstudy Elementor Widgets: from n/a through 1.2.2. 9.9 1.24% 2024-06-24 2026-06-17
CVE-2023-37988 Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Creative Solutions Contact Form Generator plugin <= 2.5.5 versions. 7.1 1.23% 2023-08-10 2026-06-17
CVE-2024-50476 Missing Authorization vulnerability in GRÜN Software Group GmbH GRÜN spendino Spendenformular spendino allows Privilege Escalation.This issue affects GRÜN spendino Spendenformular: from n/a through <= 1.0.1. 9.8 1.22% 2024-10-29 2026-06-17
CVE-2024-50475 Missing Authorization vulnerability in Scott Gamon Signup Page signup-page allows Privilege Escalation.This issue affects Signup Page: from n/a through <= 1.0. 9.8 1.22% 2024-10-29 2026-06-17
CVE-2024-56249 Unrestricted Upload of File with Dangerous Type vulnerability in Ludwig You WPMasterToolKit wpmastertoolkit allows Upload a Web Shell to a Web Server.This issue affects WPMasterToolKit: from n/a through <= 1.13.1. 9.1 1.22% 2025-01-02 2026-06-17
CVE-2024-34555 Unrestricted Upload of File with Dangerous Type vulnerability in URBAN BASE Z-Downloads.This issue affects Z-Downloads: from n/a through 1.11.3. 10.0 1.22% 2024-05-14 2026-06-17
CVE-2023-34000 Unauth. IDOR vulnerability leading to PII Disclosure in WooCommerce Stripe Payment Gateway plugin <= 7.4.0 versions. 7.5 1.21% 2023-06-14 2026-06-17
CVE-2025-47492 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in add-ons.org Drag and Drop File Upload for Elementor Forms drag-and-drop-file-upload-for-elementor-forms allows Path Traversal.This issue affects Drag and Drop File Upload for Elementor Forms: from n/a through <= 1.4.3. 8.6 1.21% 2025-05-23 2026-06-17
«« First « Prev Page 8 / 849 Next »
cvelogic Threat Intelligence