CVE List – Find High-Risk & Exploited Vulnerabilities

Aggregating NVD, CVE, and multi-source threat feeds, this list provides deep analysis of high-risk threats such as RCE. By integrating CVSS and EPSS models, the system dynamically tracks Exp (Exploit) resources and PoC availability to accurately assess Exploitability. Combined with official Patches and remediation strategies, it helps prioritize Vulnerability Management workflows, significantly shortening response cycles and securing your critical assets.

Assigner (CNA / source):[email protected] Remove this filter

Showing 4160 of 17114 results
«« First « Prev Page 3 / 856 Next »
CVE Description Max CVSS EPSS % Published Updated
CVE-2021-36889 Multiple Stored Authenticated Cross-Site Scripting (XSS) vulnerabilities were discovered in tarteaucitron.js – Cookies legislation & GDPR WordPress plugin (versions <= 1.6). 3.4 0.56% 2021-12-20 2026-06-16
CVE-2021-36864 Auth. (editor+) Reflected Cross-Site Scripting (XSS) vulnerability in ExpressTech Quiz And Survey Master plugin <= 7.3.4 on WordPress. 3.4 0.41% 2022-10-28 2026-06-16
CVE-2021-36849 Authenticated (admin+) Stored Cross-Site Scripting (XSS) vulnerability in René Hermenau's Social Media Share Buttons plugin <= 3.8.1 at WordPress. 3.4 0.42% 2022-07-20 2026-06-16
CVE-2021-36848 Authenticated (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Social Media Feather (WordPress plugin) versions <= 2.0.4 3.4 0.56% 2022-04-11 2026-06-16
CVE-2021-36844 Authenticated (admin+) Stored Cross-Site Scripting (XSS) vulnerability in MyThemeShop WP Subscribe plugin <= 1.2.12 on WordPress. 3.4 0.52% 2022-05-02 2026-06-16
CVE-2021-23174 Authenticated (admin+) Persistent Cross-Site Scripting (XSS) vulnerability discovered in Download Monitor WordPress plugin (versions <= 4.4.6) Vulnerable parameters: &post_title, &downloadable_file_version[0]. 3.4 83.85% 2022-01-28 2026-06-16
CVE-2025-58816 Missing Authorization vulnerability in Plugin Devs Product Carousel Slider for Elementor ecommerce-product-carousel-slider-for-elementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Product Carousel Slider for Elementor: from n/a through <= 2.1.3. 3.5 0.22% 2025-09-05 2026-06-17
CVE-2024-37234 URL Redirection to Untrusted Site ('Open Redirect') vulnerability in Kodezen Limited Academy LMS.This issue affects Academy LMS: from n/a through 2.0.4. 3.5 0.27% 2024-07-06 2026-06-17
CVE-2024-35777 Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') vulnerability in Automattic WooCommerce allows Content Spoofing.This issue affects WooCommerce: from n/a through 8.9.2. 3.5 0.35% 2024-07-09 2026-06-17
CVE-2023-41695 Missing Authorization vulnerability in Adnan Analytify wp-analytify allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Analytify: from n/a through <= 5.1.0. 3.5 0.45% 2024-12-13 2026-06-17
CVE-2023-24375 Missing Authorization vulnerability in miniOrange WordPress Social Login and Register (Discord, Google, Twitter, LinkedIn) allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WordPress Social Login and Register (Discord, Google, Twitter, LinkedIn): from n/a through 7.5.14. 3.5 0.42% 2024-12-09 2026-06-17
CVE-2022-45819 Missing Authorization vulnerability in Popup Maker Popup Maker allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Popup Maker: from n/a through 1.17.1. 3.5 0.40% 2024-12-13 2026-06-17
CVE-2024-45453 Authentication Bypass by Spoofing vulnerability in Peter Hardy-vanDoorn Maintenance Redirect jf3-maintenance-mode.This issue affects Maintenance Redirect: from n/a through <= 2.0.1. 3.7 0.33% 2024-09-22 2026-06-17
CVE-2024-43944 Authentication Bypass by Spoofing vulnerability in ilyasine Maintenance & Coming Soon Redirect Animation maintenance-coming-soon-redirect-animation allows Identity Spoofing.This issue affects Maintenance & Coming Soon Redirect Animation: from n/a through <= 2.3.3. 3.7 0.36% 2024-08-29 2026-06-17
CVE-2024-35749 Authentication Bypass by Spoofing vulnerability in Acurax Under Construction / Maintenance Mode from Acurax allows Authentication Bypass.This issue affects Under Construction / Maintenance Mode from Acurax: from n/a through 2.6. 3.7 0.30% 2024-06-10 2026-06-17
CVE-2024-32708 Authentication Bypass by Spoofing vulnerability in helderk Maintenance Mode allows Functionality Bypass.This issue affects Maintenance Mode: from n/a through 3.0.1. 3.7 0.37% 2024-05-17 2026-06-17
CVE-2024-31265 Cross-Site Request Forgery (CSRF) vulnerability in SumoMe Sumo.This issue affects Sumo: from n/a through 1.34. 3.7 0.24% 2024-04-12 2026-06-17
CVE-2024-31254 Insertion of Sensitive Information into Log File vulnerability in WebToffee WordPress Backup & Migration.This issue affects WordPress Backup & Migration: from n/a through 1.4.7. 3.7 0.48% 2024-04-10 2026-06-17
CVE-2024-30512 Missing Authorization vulnerability in weForms.This issue affects weForms: from n/a through 1.6.20. 3.7 0.35% 2024-06-09 2026-06-17
CVE-2024-30480 Authentication Bypass by Spoofing vulnerability in Pippin Williamson CGC Maintenance Mode allows Functionality Bypass.This issue affects CGC Maintenance Mode: from n/a through 1.2. 3.7 0.48% 2024-05-17 2026-06-17
«« First « Prev Page 3 / 856 Next »
cvelogic Threat Intelligence