CVE List – Find High-Risk & Exploited Vulnerabilities

Aggregating NVD, CVE, and multi-source threat feeds, this list provides deep analysis of high-risk threats such as RCE. By integrating CVSS and EPSS models, the system dynamically tracks Exp (Exploit) resources and PoC availability to accurately assess Exploitability. Combined with official Patches and remediation strategies, it helps prioritize Vulnerability Management workflows, significantly shortening response cycles and securing your critical assets.

Assigner (CNA / source):[email protected] Remove this filter

Showing 121140 of 16855 results
«« First « Prev Page 7 / 843 Next »
CVE Description Max CVSS EPSS % Published Updated
CVE-2022-29448 Authenticated (admin or higher user role) Local File Inclusion (LFI) vulnerability in Wow-Company's Herd Effects plugin <= 5.2 at WordPress. 6.8 0.98% 2022-05-20 2026-06-17
CVE-2022-29426 Authenticated (contributor or higher user role) Reflected Cross-Site Scripting (XSS) vulnerability in 2J Slideshow Team's Slideshow, Image Slider by 2J plugin <= 1.3.54 at WordPress. 5.4 0.49% 2022-05-20 2026-06-17
CVE-2022-29427 Cross-Site Request Forgery (CSRF) vulnerability in Aftab Muni's Disable Right Click For WP plugin <= 1.1.6 at WordPress. 4.3 0.40% 2022-05-20 2026-06-17
CVE-2022-29428 Cross-Site Scripting (XSS) vulnerability in Muneeb's WP Slider Plugin <= 1.4.5 at WordPress. 4.1 0.49% 2022-05-20 2026-06-17
CVE-2022-29430 Cross-Site Scripting (XSS) vulnerability in KubiQ's PNG to JPG plugin <= 4.0 at WordPress via Cross-Site Request Forgery (CSRF). Vulnerable parameter &jpg_quality. 4.7 0.34% 2022-05-20 2026-06-17
CVE-2022-29431 Cross-Site Request Forgery (CSRF) vulnerability in KubiQ CPT base plugin <= 5.8 at WordPress allows an attacker to delete the CPT base. 5.4 0.36% 2022-05-20 2026-06-17
CVE-2022-29432 Multiple Authenticated (administrator or higher user role) Persistent Cross-Site Scripting (XSS) vulnerabilities in TMS-Plugins wpDataTables plugin <= 2.1.27 on WordPress via &data-link-text, &data-link-url, &data, &data-shortcode, &data-star-num vulnerable parameters. 3.4 0.49% 2022-05-20 2026-06-17
CVE-2022-29434 Insecure Direct Object References (IDOR) vulnerability in Spiffy Plugins Spiffy Calendar <= 4.9.0 at WordPress allows an attacker to edit or delete events. 6.3 0.66% 2022-05-20 2026-06-17
CVE-2022-29447 Authenticated (administrator or higher user role) Local File Inclusion (LFI) vulnerability in Wow-Company's Hover Effects plugin <= 2.1 at WordPress. 6.8 0.98% 2022-05-20 2026-06-17
CVE-2022-29408 Persistent Cross-Site Scripting (XSS) vulnerability in Vsourz Digital's Advanced Contact form 7 DB plugin <= 1.8.7 at WordPress. 4.7 0.66% 2022-05-25 2026-06-17
CVE-2021-36866 Authenticated (author or higher role) Stored Cross-Site Scripting (XSS) vulnerability in Fatcat Apps Easy Pricing Tables plugin <= 3.1.2 at WordPress. 4.8 0.52% 2022-06-02 2026-06-16
CVE-2021-36890 Cross-Site Request Forgery (CSRF) vulnerability in Social Share Buttons by Supsystic plugin <= 2.2.2 at WordPress. 4.3 0.40% 2022-06-02 2026-06-16
CVE-2022-29455 DOM-based Reflected Cross-Site Scripting (XSS) vulnerability in Elementor's Elementor Website Builder plugin <= 3.5.5 versions. 4.7 23.18% 2022-06-13 2026-06-17
CVE-2021-36901 Unauthenticated Stored Cross-Site Scripting (XSS) vulnerability in Phil Baker's Age Gate plugin <= 2.17.0 at WordPress. 6.1 0.74% 2022-06-15 2026-06-16
CVE-2022-27859 Multiple Authenticated (contributor or higher user role) Stored Cross-Site Scripting (XSS) vulnerabilities in Nicdark d.o.o. Travel Management plugin <= 2.0 at WordPress. 4.1 0.62% 2022-06-15 2026-06-17
CVE-2022-29406 Multiple Authenticated (contributor or higher user role) Stored Cross-Site Scripting (XSS) vulnerabilities in DynamicWebLab's WordPress Team Manager plugin <= 1.6.9 at WordPress. 4.1 0.58% 2022-06-15 2026-06-17
CVE-2022-29437 Multiple Cross-Site Request Forgery (CSRF) vulnerabilities in Image Slider by NextCode plugin <= 1.1.2 at WordPress. 5.4 0.41% 2022-06-15 2026-06-17
CVE-2022-29438 Authenticated (author or higher user role) Persistent Cross-Site Scripting (XSS) vulnerability in Image Slider by NextCode plugin <= 1.1.2 at WordPress. 4.8 0.51% 2022-06-15 2026-06-17
CVE-2022-29439 Cross-Site Request Forgery (CSRF) vulnerability in Image Slider by NextCode plugin <= 1.1.2 at WordPress allows deleting slides. 5.4 0.39% 2022-06-15 2026-06-17
CVE-2022-29440 Multiple Authenticated (contributor or higher user role) Stored Cross-Site Scripting (XSS) vulnerabilities in Promotion Slider plugin <= 3.3.4 at WordPress. 5.4 0.51% 2022-06-15 2026-06-17
«« First « Prev Page 7 / 843 Next »
cvelogic Threat Intelligence