Aggregating NVD, CVE, and multi-source threat feeds, this list provides deep analysis of high-risk threats such as RCE. By integrating CVSS and EPSS models, the system dynamically tracks Exp (Exploit) resources and PoC availability to accurately assess Exploitability. Combined with official Patches and remediation strategies, it helps prioritize Vulnerability Management workflows, significantly shortening response cycles and securing your critical assets.
Assigner (CNA / source):[email protected] Remove this filter
| CVE | Description | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|
| CVE-2026-54846 | Unauthenticated Broken Access Control in Syncee Premium Dropshipping & Wholesale <= 1.0.27 versions. | 7.5 | 0.28% | 2026-06-26 | 2026-06-26 |
| CVE-2026-54840 | Unauthenticated Broken Access Control in Newsletters <= 4.13 versions. | 7.3 | 0.21% | 2026-06-26 | 2026-06-26 |
| CVE-2026-54839 | Unauthenticated Sensitive Data Exposure in Trinity Backup – Backup, Migrate, Restore, Clone & Schedule Backups <= 2.0.9 versions. | 7.5 | 0.28% | 2026-06-26 | 2026-06-26 |
| CVE-2026-54837 | Unauthenticated Broken Access Control in Intranet & Private Site – All-In-One Intranet <= 1.8.1 versions. | 7.5 | 0.28% | 2026-06-26 | 2026-06-26 |
| CVE-2026-54835 | Unauthenticated Broken Access Control in Five Star Restaurant Menu <= 2.5.2 versions. | 7.5 | 0.24% | 2026-06-26 | 2026-06-29 |
| CVE-2026-54834 | Unauthenticated Sensitive Data Exposure in Object Cache 4 everyone <= 2.3.2 versions. | 7.5 | 0.29% | 2026-06-26 | 2026-06-26 |
| CVE-2026-54833 | Unauthenticated Backdoor in Enable CORS <= 2.0.3 versions. | 7.4 | 0.24% | 2026-06-26 | 2026-06-26 |
| CVE-2026-54832 | Unauthenticated Broken Access Control in Gutenverse Companion <= 2.5.0 versions. | 7.5 | 0.24% | 2026-06-26 | 2026-06-26 |
| CVE-2026-54831 | Unauthenticated SQL Injection in GeoDirectory <= 2.8.162 versions. | 9.3 | 0.28% | 2026-06-26 | 2026-06-26 |
| CVE-2026-54827 | Unauthenticated SQL Injection in Real Estate 7 <= 3.5.9 versions. | 9.3 | 0.28% | 2026-06-26 | 2026-06-26 |
| CVE-2026-54826 | Subscriber Insecure Direct Object References (IDOR) in SupportCandy <= 3.4.6 versions. | 7.6 | 0.29% | 2026-06-26 | 2026-06-29 |
| CVE-2026-54825 | Unauthenticated SQL Injection in wpDataTables <= 7.4 versions. | 9.3 | 0.28% | 2026-06-26 | 2026-06-26 |
| CVE-2026-54824 | Unauthenticated Sensitive Data Exposure in Ads by WPQuads <= 3.0.3 versions. | 7.5 | 0.29% | 2026-06-26 | 2026-06-26 |
| CVE-2026-54820 | Unauthenticated SQL Injection in JetBooking <= 4.0.4.1 versions. | 9.3 | 0.28% | 2026-06-26 | 2026-06-26 |
| CVE-2025-68064 | Contributor Local File Inclusion in Goya Core < 1.0.9.4 versions. | 7.5 | 0.32% | 2026-06-26 | 2026-06-26 |
| CVE-2025-68063 | Contributor Local File Inclusion in Splash - Sport Club WordPress Theme for Basketball, Football, Hockey <= 4.4.3 versions. | 7.5 | 0.32% | 2026-06-26 | 2026-06-26 |
| CVE-2025-68052 | Unauthenticated Cross Site Request Forgery (CSRF) in Eagle Booking <= 1.3.4.3 versions. | 8.8 | 0.14% | 2026-06-26 | 2026-06-26 |
| CVE-2026-57700 | Unrestricted Upload of File with Dangerous Type vulnerability in Daan.Dev OMGF Pro allows Using Malicious Files. This issue affects OMGF Pro: from n/a through 5.2.6. | 10.0 | 0.37% | 2026-06-25 | 2026-06-29 |
| CVE-2026-56071 | Unauthenticated Cross Site Scripting (XSS) in Forminator <= 1.53.1 versions. | 7.1 | 0.18% | 2026-06-25 | 2026-06-25 |
| CVE-2026-56054 | Subscriber Arbitrary File Deletion in JS Help Desk <= 3.1.1 versions. | 7.7 | 0.45% | 2026-06-25 | 2026-06-25 |