Aggregating NVD, CVE, and multi-source threat feeds, this list provides deep analysis of high-risk threats such as RCE. By integrating CVSS and EPSS models, the system dynamically tracks Exp (Exploit) resources and PoC availability to accurately assess Exploitability. Combined with official Patches and remediation strategies, it helps prioritize Vulnerability Management workflows, significantly shortening response cycles and securing your critical assets.
Assigner (CNA / source):[email protected] Remove this filter
| CVE | Description | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|
| CVE-2026-56029 | Unauthenticated Broken Authentication in CorvusPay WooCommerce Payment Gateway <= 2.7.4 versions. | 7.5 | 0.29% | 2026-06-26 | 2026-06-26 |
| CVE-2026-56028 | Unauthenticated Privilege Escalation in Easy Elements for Elementor – Addons & Website Templates <= 1.4.9 versions. | 9.8 | 0.36% | 2026-06-26 | 2026-06-29 |
| CVE-2026-56027 | Customer Arbitrary File Upload in Booster for WooCommerce <= 8.0.1 versions. | 9.9 | 0.33% | 2026-06-26 | 2026-06-26 |
| CVE-2026-56025 | Unauthenticated Broken Access Control in Paymob for WooCommerce <= 4.1.2 versions. | 7.5 | 0.24% | 2026-06-26 | 2026-06-26 |
| CVE-2026-56011 | Unauthenticated Cross Site Scripting (XSS) in MapPress Maps for WordPress <= 2.97.3 versions. | 7.1 | 0.24% | 2026-06-26 | 2026-06-26 |
| CVE-2026-56010 | Subscriber Privilege Escalation in Abandoned Cart Pro for WooCommerce <= 10.4.0 versions. | 8.8 | 0.38% | 2026-06-26 | 2026-06-26 |
| CVE-2026-56008 | Contributor Privilege Escalation in Fusion Builder <= 3.15.4 versions. | 8.8 | 0.28% | 2026-06-26 | 2026-06-29 |
| CVE-2026-54847 | Unauthenticated Broken Access Control in Stylish Cost Calculator <= 8.3.9 versions. | 7.5 | 0.28% | 2026-06-26 | 2026-06-26 |
| CVE-2026-54846 | Unauthenticated Broken Access Control in Syncee Premium Dropshipping & Wholesale <= 1.0.27 versions. | 7.5 | 0.28% | 2026-06-26 | 2026-06-26 |
| CVE-2026-54840 | Unauthenticated Broken Access Control in Newsletters <= 4.13 versions. | 7.3 | 0.21% | 2026-06-26 | 2026-06-26 |
| CVE-2026-54839 | Unauthenticated Sensitive Data Exposure in Trinity Backup – Backup, Migrate, Restore, Clone & Schedule Backups <= 2.0.9 versions. | 7.5 | 0.28% | 2026-06-26 | 2026-06-26 |
| CVE-2026-54837 | Unauthenticated Broken Access Control in Intranet & Private Site – All-In-One Intranet <= 1.8.1 versions. | 7.5 | 0.28% | 2026-06-26 | 2026-06-26 |
| CVE-2026-54835 | Unauthenticated Broken Access Control in Five Star Restaurant Menu <= 2.5.2 versions. | 7.5 | 0.24% | 2026-06-26 | 2026-06-29 |
| CVE-2026-54834 | Unauthenticated Sensitive Data Exposure in Object Cache 4 everyone <= 2.3.2 versions. | 7.5 | 0.29% | 2026-06-26 | 2026-06-26 |
| CVE-2026-54833 | Unauthenticated Backdoor in Enable CORS <= 2.0.3 versions. | 7.4 | 0.24% | 2026-06-26 | 2026-06-26 |
| CVE-2026-54832 | Unauthenticated Broken Access Control in Gutenverse Companion <= 2.5.0 versions. | 7.5 | 0.24% | 2026-06-26 | 2026-06-26 |
| CVE-2026-54831 | Unauthenticated SQL Injection in GeoDirectory <= 2.8.162 versions. | 9.3 | 0.28% | 2026-06-26 | 2026-06-26 |
| CVE-2026-54827 | Unauthenticated SQL Injection in Real Estate 7 <= 3.5.9 versions. | 9.3 | 0.28% | 2026-06-26 | 2026-06-26 |
| CVE-2026-54826 | Subscriber Insecure Direct Object References (IDOR) in SupportCandy <= 3.4.6 versions. | 7.6 | 0.29% | 2026-06-26 | 2026-06-29 |
| CVE-2026-54825 | Unauthenticated SQL Injection in wpDataTables <= 7.4 versions. | 9.3 | 0.28% | 2026-06-26 | 2026-06-26 |