CVE List – Find High-Risk & Exploited Vulnerabilities

Aggregating NVD, CVE, and multi-source threat feeds, this list provides deep analysis of high-risk threats such as RCE. By integrating CVSS and EPSS models, the system dynamically tracks Exp (Exploit) resources and PoC availability to accurately assess Exploitability. Combined with official Patches and remediation strategies, it helps prioritize Vulnerability Management workflows, significantly shortening response cycles and securing your critical assets.

Assigner (CNA / source):[email protected] Remove this filter

Showing 120 of 227 results
«« First « Prev Page 1 / 12 Next »
CVE Description Max CVSS EPSS % Published Updated
CVE-2022-27844 Arbitrary File Read vulnerability in WPvivid Team Migration, Backup, Staging – WPvivid (WordPress plugin) versions <= 0.9.70 2.7 1.42% 2022-04-11 2026-06-17
CVE-2021-23174 Authenticated (admin+) Persistent Cross-Site Scripting (XSS) vulnerability discovered in Download Monitor WordPress plugin (versions <= 4.4.6) Vulnerable parameters: &post_title, &downloadable_file_version[0]. 3.4 83.22% 2022-01-28 2026-06-16
CVE-2022-23984 Sensitive information disclosure discovered in wpDiscuz WordPress plugin (versions <= 7.3.11). 3.7 1.07% 2022-02-21 2026-06-17
CVE-2022-29423 Pro Features Lock Bypass vulnerability in Countdown & Clock plugin <= 2.3.2 at WordPress. 3.8 1.03% 2022-05-06 2026-06-17
CVE-2024-50417 Missing Authorization vulnerability in boldthemes Bold Page Builder bold-page-builder allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Bold Page Builder: from n/a through <= 5.1.3. 4.3 1.92% 2024-11-19 2026-06-17
CVE-2023-39999 Exposure of Sensitive Information to an Unauthorized Actor in WordPress from 6.3 through 6.3.1, from 6.2 through 6.2.2, from 6.1 through 6.13, from 6.0 through 6.0.5, from 5.9 through 5.9.7, from 5.8 through 5.8.7, from 5.7 through 5.7.9, from 5.6 through 5.6.11, from 5.5 through 5.5.12, from 5.4 through 5.4.13, from 5.3 through 5.3.15, from 5.2 through 5.2.18, from 5.1 through 5.1.16, from 5.0 through 5.0.19, from 4.9 through 4.9.23, from 4.8 through 4.8.22, from 4.7 through 4.7.26, from 4.6 th 4.3 1.01% 2023-10-13 2026-06-17
CVE-2023-23897 Cross-Site Request Forgery (CSRF) vulnerability in Ozette Plugins Simple Mobile URL Redirect plugin <= 1.7.2 versions. 4.3 1.67% 2023-07-10 2026-06-17
CVE-2022-23982 The vulnerability discovered in WordPress Perfect Brands for WooCommerce plugin (versions <= 2.0.4) allows server information exposure. 4.3 1.16% 2022-02-18 2026-06-17
CVE-2022-29455 DOM-based Reflected Cross-Site Scripting (XSS) vulnerability in Elementor's Elementor Website Builder plugin <= 3.5.5 versions. 4.7 23.18% 2022-06-13 2026-06-17
CVE-2024-54382 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in boldthemes Bold Page Builder bold-page-builder allows Path Traversal.This issue affects Bold Page Builder: from n/a through <= 5.1.5. 4.9 2.16% 2024-12-16 2026-06-17
CVE-2024-43919 Access Control vulnerability in YARPP YARPP allows . This issue affects YARPP: from n/a through 5.30.10. 5.3 43.59% 2024-11-01 2026-06-17
CVE-2024-43283 Insertion of Sensitive Information Into Sent Data vulnerability in Wasiliy Strecker / ContestGallery developer Contest Gallery contest-gallery.This issue affects Contest Gallery: from n/a through <= 23.1.2. 5.3 1.10% 2024-08-26 2026-06-17
CVE-2024-33575 Exposure of Sensitive Information to an Unauthorized Actor vulnerability in User Meta user-meta.This issue affects User Meta: from n/a through 3.0. 5.3 1.12% 2024-04-29 2026-06-17
CVE-2023-47668 Exposure of Sensitive Information to an Unauthorized Actor vulnerability in StellarWP Membership Plugin – Restrict Content plugin <= 3.2.7 versions. 5.3 1.01% 2023-11-22 2026-06-17
CVE-2023-46197 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in supsystic.Com Popup by Supsystic allows Relative Path Traversal.This issue affects Popup by Supsystic: from n/a through 1.10.19. 5.3 1.27% 2024-05-17 2026-06-17
CVE-2023-44982 Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Jordy Meow Perfect Images (Manage Image Sizes, Thumbnails, Replace, Retina).This issue affects Perfect Images (Manage Image Sizes, Thumbnails, Replace, Retina): from n/a through 6.4.5. 5.3 1.44% 2023-12-18 2026-06-17
CVE-2023-40600 Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Exactly WWW EWWW Image Optimizer. It works only when debug.log is turned on.This issue affects EWWW Image Optimizer: from n/a through 7.2.0. 5.3 2.04% 2023-11-30 2026-06-17
CVE-2022-45354 Exposure of Sensitive Information to an Unauthorized Actor vulnerability in WPChill Download Monitor.This issue affects Download Monitor: from n/a through 4.7.60. 5.3 38.08% 2024-01-08 2026-06-17
CVE-2022-33901 Unauthenticated Arbitrary File Read vulnerability in MultiSafepay plugin for WooCommerce plugin <= 4.13.1 at WordPress. 5.3 2.19% 2022-07-22 2026-06-17
CVE-2022-28666 Broken Access Control vulnerability in YIKES Inc. Custom Product Tabs for WooCommerce plugin <= 1.7.7 at WordPress leading to &yikes-the-content-toggle option update. 5.3 1.18% 2022-07-21 2026-06-17
«« First « Prev Page 1 / 12 Next »
cvelogic Threat Intelligence