Aggregating NVD, CVE, and multi-source threat feeds, this list provides deep analysis of high-risk threats such as RCE. By integrating CVSS and EPSS models, the system dynamically tracks Exp (Exploit) resources and PoC availability to accurately assess Exploitability. Combined with official Patches and remediation strategies, it helps prioritize Vulnerability Management workflows, significantly shortening response cycles and securing your critical assets.
Assigner (CNA / source):[email protected] Remove this filter
| CVE | Description | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|
| CVE-2026-56012 | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in David Lingren Media LIbrary Assistant allows Blind SQL Injection. This issue affects Media LIbrary Assistant: from n/a through 3.35. | 8.5 | N/A | 2026-06-18 | 2026-06-18 |
| CVE-2026-9690 | Unauthenticated Arbitrary File Download in WP Media folder Addon <= 4.0.1 versions. | 7.5 | 0.47% | 2026-06-17 | 2026-06-17 |
| CVE-2026-54818 | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in VeronaLabs Slimstat Analytics allows Blind SQL Injection. This issue affects Slimstat Analytics: from n/a through 5.4.11. | 8.5 | 0.21% | 2026-06-17 | 2026-06-17 |
| CVE-2026-54816 | Improper Control of Generation of Code ('Code Injection') vulnerability in Monetizemore Advanced Ads allows Remote Code Inclusion. This issue affects Advanced Ads: from n/a through 2.0.21. | 7.5 | 0.29% | 2026-06-17 | 2026-06-17 |
| CVE-2026-54812 | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in StylemixThemes Motors allows Blind SQL Injection. This issue affects Motors: from n/a through 1.4.109. | 9.3 | 0.29% | 2026-06-17 | 2026-06-17 |
| CVE-2026-54810 | Missing Authorization vulnerability in Nexi Payments Nexi XPay allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Nexi XPay: from n/a through 8.3.1. | 7.5 | 0.24% | 2026-06-17 | 2026-06-17 |
| CVE-2026-54809 | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in VillaTheme GIFT4U allows Blind SQL Injection. This issue affects GIFT4U: from n/a through 1.0.10. | 9.3 | 0.24% | 2026-06-17 | 2026-06-17 |
| CVE-2026-54806 | Unauthenticated PHP Object Injection in WP Activity Log <= 5.6.3.1 versions. | 9.8 | 0.53% | 2026-06-17 | 2026-06-17 |
| CVE-2026-54804 | Subscriber Broken Authentication in Melhor Envio <= 2.16.3 versions. | 7.6 | 0.28% | 2026-06-17 | 2026-06-17 |
| CVE-2026-54195 | Unauthenticated Cross Site Scripting (XSS) in JetFormBuilder <= 3.6.0.1 versions. | 7.1 | 0.15% | 2026-06-17 | 2026-06-17 |
| CVE-2026-54193 | Contributor Arbitrary File Deletion in Fusion Builder <= 3.15.4 versions. | 7.7 | 0.34% | 2026-06-17 | 2026-06-17 |
| CVE-2026-54189 | Unauthenticated Cross Site Scripting (XSS) in JetEngine <= 3.8.10 versions. | 7.1 | 0.15% | 2026-06-17 | 2026-06-17 |
| CVE-2026-54188 | Unauthenticated Cross Site Scripting (XSS) in JetEngine <= 3.8.10 versions. | 7.1 | 0.15% | 2026-06-17 | 2026-06-17 |
| CVE-2026-54185 | Subscriber SQL Injection in Cornerstone < 7.8.8 versions. | 8.5 | 0.34% | 2026-06-17 | 2026-06-17 |
| CVE-2026-52706 | Unauthenticated PHP Object Injection in JetEngine <= 3.8.10 versions. | 9.8 | 0.39% | 2026-06-17 | 2026-06-17 |
| CVE-2026-52705 | Unauthenticated Arbitrary File Upload in SigmaForms Pro – AI Generated Forms <= 1.4.5 versions. | 9.0 | 0.29% | 2026-06-17 | 2026-06-17 |
| CVE-2026-49778 | Unauthenticated Cross Site Scripting (XSS) in WPFunnels Pro <= 2.9.4 versions. | 7.1 | 0.19% | 2026-06-17 | 2026-06-17 |
| CVE-2026-49107 | Unauthenticated PHP Object Injection in Thrive Apprentice < 10.8.10.2 versions. | 9.8 | 0.38% | 2026-06-17 | 2026-06-17 |
| CVE-2026-49084 | Unauthenticated SQL Injection in JetEngine < 3.8.9.1 versions. | 9.3 | 0.29% | 2026-06-17 | 2026-06-17 |
| CVE-2026-49076 | Unauthenticated SQL Injection in JetEngine <= 3.8.9.1 versions. | 9.3 | 0.38% | 2026-06-17 | 2026-06-17 |