Aggregating NVD, CVE, and multi-source threat feeds, this list provides deep analysis of high-risk threats such as RCE. By integrating CVSS and EPSS models, the system dynamically tracks Exp (Exploit) resources and PoC availability to accurately assess Exploitability. Combined with official Patches and remediation strategies, it helps prioritize Vulnerability Management workflows, significantly shortening response cycles and securing your critical assets.
Assigner (CNA / source):[email protected] Remove this filter
| CVE | Description | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|
| CVE-2022-34487 | Unauthenticated Arbitrary Option Update vulnerability in biplob018's Shortcode Addons plugin <= 3.0.2 at WordPress. | 9.8 | 2.65% | 2022-07-21 | 2026-06-17 |
| CVE-2022-27235 | Multiple Broken Access Control vulnerabilities in Social Share Buttons by Supsystic plugin <= 2.2.3 at WordPress. | 6.3 | 0.69% | 2022-07-22 | 2026-06-17 |
| CVE-2022-29495 | Cross-Site Request Forgery (CSRF) vulnerability in Sygnoos Popup Builder plugin <= 4.1.11 at WordPress allows an attacker to update plugin settings. | 5.4 | 0.41% | 2022-07-22 | 2026-06-17 |
| CVE-2022-30998 | Multiple Authenticated (subscriber or higher user role) SQL Injection (SQLi) vulnerabilities in WooPlugins.co's Homepage Product Organizer for WooCommerce plugin <= 1.1 at WordPress. | 9.1 | 0.70% | 2022-07-22 | 2026-06-17 |
| CVE-2022-33191 | Authenticated (contributor or higher user role) Stored Cross-Site Scripting (XSS) vulnerability in Chinmoy Paul's Testimonials plugin <= 3.0.1 at WordPress. | 4.1 | 0.46% | 2022-07-22 | 2026-06-17 |
| CVE-2022-33901 | Unauthenticated Arbitrary File Read vulnerability in MultiSafepay plugin for WooCommerce plugin <= 4.13.1 at WordPress. | 5.3 | 2.19% | 2022-07-22 | 2026-06-17 |
| CVE-2022-33960 | Multiple Authenticated (subscriber or higher user role) SQL Injection (SQLi) vulnerabilities in Social Share Buttons by Supsystic plugin <= 2.2.3 at WordPress. | 8.5 | 0.77% | 2022-07-22 | 2026-06-17 |
| CVE-2022-34650 | Multiple Authenticated (contributor or higher user role) Stored Cross-Site Scripting (XSS) vulnerabilities in wpWax Team plugin <= 1.2.6 at WordPress. | 4.1 | 0.46% | 2022-07-22 | 2026-06-17 |
| CVE-2022-34839 | Authentication Bypass vulnerability in CodexShaper's WP OAuth2 Server plugin <= 1.0.1 at WordPress. | 5.9 | 0.86% | 2022-07-22 | 2026-06-17 |
| CVE-2022-34853 | Multiple Authenticated (contributor or higher user role) Persistent Cross-Site Scripting (XSS) vulnerabilities in wpWax Team plugin <= 1.2.6 at WordPress. | 4.1 | 0.46% | 2022-07-22 | 2026-06-17 |
| CVE-2022-33965 | Multiple Unauthenticated SQL Injection (SQLi) vulnerabilities in Osamaesh WP Visitor Statistics plugin <= 5.7 at WordPress. | 9.3 | 3.41% | 2022-07-25 | 2026-06-17 |
| CVE-2022-33969 | Authenticated WordPress Options Change vulnerability in Biplob Adhikari's Flipbox plugin <= 2.6.0 at WordPress. | 7.2 | 0.96% | 2022-07-25 | 2026-06-17 |
| CVE-2022-36375 | Authenticated (high role user) WordPress Options Change vulnerability in Biplob Adhikari's Tabs plugin <= 3.6.0 at WordPress. | 7.2 | 0.96% | 2022-07-25 | 2026-06-17 |
| CVE-2022-33970 | Authenticated WordPress Options Change vulnerability in Biplob018 Shortcode Addons plugin <= 3.1.2 at WordPress. | 7.2 | 0.90% | 2022-07-27 | 2026-06-17 |
| CVE-2022-33943 | Authenticated (contributor or higher user role) Cross-Site Scripting (XSS) vulnerability in Nico Amarilla's BxSlider WP plugin <= 2.0.0 at WordPress. | 5.4 | 0.46% | 2022-07-27 | 2026-06-17 |
| CVE-2022-35882 | Authenticated (author or higher user role) Stored Cross-Site Scripting (XSS) vulnerability in GS Plugins GS Testimonial Slider plugin <= 1.9.5 at WordPress. | 4.8 | 0.46% | 2022-07-28 | 2026-06-17 |
| CVE-2022-36378 | Authenticated (author or higher user role) Stored Cross-Site Scripting (XSS) vulnerability in PluginlySpeaking Floating Div plugin <= 3.0 at WordPress. | 4.8 | 0.46% | 2022-07-29 | 2026-06-17 |
| CVE-2022-34154 | Authenticated (author or higher user role) Arbitrary File Upload vulnerability in ideasToCode Enable SVG, WebP & ICO Upload plugin <= 1.0.1 at WordPress. | 7.2 | 0.98% | 2022-08-01 | 2026-06-17 |
| CVE-2022-36343 | Authenticated (author or higher user role) Stored Cross-Site Scripting (XSS) vulnerability in ideasToCode Enable SVG, WebP & ICO Upload plugin <= 1.0.1 at WordPress. | 3.4 | 0.46% | 2022-08-01 | 2026-06-17 |
| CVE-2021-36861 | Cross-Site Request Forgery (CSRF) vulnerability in Rich Reviews by Starfish plugin <= 1.9.14 at WordPress allows an attacker to delete reviews. | 5.4 | 0.27% | 2022-08-05 | 2026-06-16 |