CVE List – Find High-Risk & Exploited Vulnerabilities

Aggregating NVD, CVE, and multi-source threat feeds, this list provides deep analysis of high-risk threats such as RCE. By integrating CVSS and EPSS models, the system dynamically tracks Exp (Exploit) resources and PoC availability to accurately assess Exploitability. Combined with official Patches and remediation strategies, it helps prioritize Vulnerability Management workflows, significantly shortening response cycles and securing your critical assets.

Assigner (CNA / source):[email protected] Remove this filter

Showing 4160 of 16964 results
«« First « Prev Page 3 / 849 Next »
CVE Description Max CVSS EPSS % Published Updated
CVE-2026-27436 Editor Arbitrary Code Execution in Five Star Business Profile and Schema <= 2.3.19 versions. 9.1 0.40% 2026-07-02 2026-07-02
CVE-2026-27414 Contributor PHP Object Injection in Werkstatt <= 4.8.3 versions. 8.8 0.29% 2026-07-02 2026-07-02
CVE-2025-69156 Unauthenticated Cross Site Scripting (XSS) in Kids Zone - Children WordPress Theme <= 5.4 versions. 7.1 0.18% 2026-07-02 2026-07-02
CVE-2025-69133 Subscriber Local File Inclusion in Tourmaster <= 5.4.5 versions. 7.5 0.40% 2026-07-02 2026-07-02
CVE-2026-57764 Contributor Cross Site Scripting (XSS) in Surbma | Yoast SEO Breadcrumb Shortcode <= 1.2 versions. 6.5 0.14% 2026-07-02 2026-07-02
CVE-2026-57757 Unauthenticated Cross Site Request Forgery (CSRF) in pCloud WP Backup <= 2.0.2 versions. 7.1 0.12% 2026-07-02 2026-07-02
CVE-2026-57751 Unauthenticated Cross Site Request Forgery (CSRF) in Heateor Social Login <= 1.1.39 versions. 8.1 0.14% 2026-07-02 2026-07-02
CVE-2026-57731 Contributor Broken Access Control in Flatsome <= 3.20.5 versions. 6.5 0.21% 2026-07-02 2026-07-02
CVE-2026-57722 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ShortPixel Enable Media Replace allows Stored XSS. This issue affects Enable Media Replace: from n/a through 4.2.1. 5.9 0.15% 2026-07-01 2026-07-02
CVE-2026-57686 Unauthenticated Cross Site Scripting (XSS) in WowAddons <= 1.6.14 versions. 7.1 0.19% 2026-07-02 2026-07-02
CVE-2026-57680 Unauthenticated Insecure Direct Object References (IDOR) in Kirki <= 6.0.11 versions. 6.5 0.25% 2026-07-02 2026-07-02
CVE-2026-57672 Unauthenticated Cross Site Scripting (XSS) in wpDataTables <= 6.5.1.1 versions. 7.1 0.19% 2026-07-02 2026-07-02
CVE-2026-57623 Unauthenticated Arbitrary Code Execution in W3 Total Cache <= 2.9.4 versions. 9.0 0.33% 2026-07-02 2026-07-02
CVE-2026-57360 Unauthenticated Cross Site Scripting (XSS) in eCommerce Product Catalog <= 3.5.4 versions. 7.1 0.19% 2026-07-02 2026-07-02
CVE-2026-57355 Subscriber Broken Access Control in Classified Listing <= 5.4.2 versions. 6.5 0.30% 2026-07-02 2026-07-02
CVE-2026-57354 Subscriber Cross Site Scripting (XSS) in JetReviews <= 3.0.0.1 versions. 6.5 0.22% 2026-07-02 2026-07-02
CVE-2026-57349 Unauthenticated Cross Site Scripting (XSS) in WPeMatico RSS Feed Fetcher <= 2.8.17 versions. 7.1 0.19% 2026-07-02 2026-07-02
CVE-2026-57348 Unauthenticated Server Side Request Forgery (SSRF) in Paid Member Subscriptions <= 3.0.4 versions. 7.2 0.20% 2026-07-02 2026-07-02
CVE-2026-57342 Subscriber Cross Site Scripting (XSS) in ShortPixel Adaptive Images <= 3.11.3 versions. 6.5 0.22% 2026-07-02 2026-07-02
CVE-2026-49779 Customer Path Traversal in Tax Exempt for WooCommerce <= 1.9.3 versions. 6.5 0.34% 2026-07-02 2026-07-02
«« First « Prev Page 3 / 849 Next »
cvelogic Threat Intelligence