CVE List – Find High-Risk & Exploited Vulnerabilities

Aggregating NVD, CVE, and multi-source threat feeds, this list provides deep analysis of high-risk threats such as RCE. By integrating CVSS and EPSS models, the system dynamically tracks Exp (Exploit) resources and PoC availability to accurately assess Exploitability. Combined with official Patches and remediation strategies, it helps prioritize Vulnerability Management workflows, significantly shortening response cycles and securing your critical assets.

Assigner (CNA / source):[email protected] Remove this filter

Showing 120 of 7273 results
«« First « Prev Page 1 / 364 Next »
CVE Description Max CVSS EPSS % Published Updated
CVE-2026-57766 Unauthenticated Cross Site Request Forgery (CSRF) in WPIDE – File Manager & Code Editor <= 3.5.6 versions. 8.8 0.14% 2026-07-02 2026-07-02
CVE-2026-57765 Contributor SQL Injection in WP EasyCart <= 5.9.0 versions. 8.5 0.22% 2026-07-02 2026-07-02
CVE-2026-57761 Unauthenticated Cross Site Request Forgery (CSRF) in SEOWP <= 3.12.2 versions. 7.1 0.09% 2026-07-02 2026-07-02
CVE-2026-57759 Unauthenticated Cross Site Request Forgery (CSRF) in ProfileGrid <= 5.9.9.7 versions. 8.8 0.14% 2026-07-02 2026-07-02
CVE-2026-57758 Unauthenticated Cross Site Request Forgery (CSRF) in Permalink Manager for WooCommerce <= 1.0.8.2 versions. 7.1 0.09% 2026-07-02 2026-07-02
CVE-2026-57757 Unauthenticated Cross Site Request Forgery (CSRF) in pCloud WP Backup <= 2.0.2 versions. 7.1 0.12% 2026-07-02 2026-07-02
CVE-2026-57756 Contributor SQL Injection in nicen-localize-image <= 1.4.9 versions. 8.5 0.22% 2026-07-02 2026-07-02
CVE-2026-57752 Contributor SQL Injection in iNET Webkit 1.2.4 versions. 8.5 0.29% 2026-07-02 2026-07-02
CVE-2026-57751 Unauthenticated Cross Site Request Forgery (CSRF) in Heateor Social Login <= 1.1.39 versions. 8.1 0.14% 2026-07-02 2026-07-02
CVE-2026-57749 Contributor Local File Inclusion in SportsPress Pro <= 2.7.29 versions. 7.5 0.28% 2026-07-02 2026-07-02
CVE-2026-57748 Contributor Local File Inclusion in Shopify <= 1.0.0 versions. 7.5 0.28% 2026-07-02 2026-07-02
CVE-2026-57746 Subscriber Broken Access Control in Booked <= 3.0.0 versions. 7.1 0.24% 2026-07-02 2026-07-02
CVE-2026-57688 Unauthenticated Broken Access Control in POS Entegratör <= 3.7.103 versions. 8.2 0.24% 2026-07-02 2026-07-02
CVE-2026-57687 Contributor SQL Injection in Custom Field Template <= 2.7.8 versions. 8.5 0.22% 2026-07-02 2026-07-02
CVE-2026-57686 Unauthenticated Cross Site Scripting (XSS) in WowAddons <= 1.6.14 versions. 7.1 0.19% 2026-07-02 2026-07-02
CVE-2026-57683 Unauthenticated SQL Injection in WP Fast Total Search <= 1.80.280 versions. 9.3 0.25% 2026-07-02 2026-07-02
CVE-2026-57682 Unauthenticated Cross Site Scripting (XSS) in Simple Link Directory <= 15.0.5 versions. 7.1 0.19% 2026-07-02 2026-07-02
CVE-2026-57679 Unauthenticated SQL Injection in GeekyBot <= 1.2.5 versions. 9.3 0.25% 2026-07-02 2026-07-02
CVE-2026-57678 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ThemePunch Slider Revolution allows Reflected XSS. This issue affects Slider Revolution: from 7.0.0 through 7.0.16. 7.1 0.15% 2026-07-02 2026-07-02
CVE-2026-57677 Unauthenticated PHP Object Injection in Novalnet Payment Gateway for WooCommerce <= 12.10.3 versions. 9.8 0.34% 2026-07-02 2026-07-02
«« First « Prev Page 1 / 364 Next »
cvelogic Threat Intelligence