CVE List – Find High-Risk & Exploited Vulnerabilities

Aggregating NVD, CVE, and multi-source threat feeds, this list provides deep analysis of high-risk threats such as RCE. By integrating CVSS and EPSS models, the system dynamically tracks Exp (Exploit) resources and PoC availability to accurately assess Exploitability. Combined with official Patches and remediation strategies, it helps prioritize Vulnerability Management workflows, significantly shortening response cycles and securing your critical assets.

Assigner (CNA / source):[email protected] Remove this filter

Showing 161180 of 7273 results
«« First « Prev Page 9 / 364 Next »
CVE Description Max CVSS EPSS % Published Updated
CVE-2026-56053 Subscriber PHP Object Injection in EventPrime <= 4.3.4.1 versions. 8.8 0.39% 2026-06-25 2026-06-25
CVE-2026-56051 Unauthenticated Cross Site Scripting (XSS) in TablePress <= 3.3.1 versions. 7.1 0.18% 2026-06-25 2026-06-29
CVE-2026-56049 Contributor Remote Code Execution (RCE) in Post Snippets <= 4.0.19 versions. 8.5 0.35% 2026-06-25 2026-06-25
CVE-2026-56042 Customer Cross Site Scripting (XSS) in Advanced Order Export For WooCommerce <= 4.0.9 versions. 7.1 0.18% 2026-06-25 2026-06-25
CVE-2026-56014 Unauthenticated Cross Site Scripting (XSS) in Master Slider <= 3.11.2 versions. 7.1 0.18% 2026-06-25 2026-06-25
CVE-2026-56006 Unauthenticated Cross Site Scripting (XSS) in H5P <= 1.17.6 versions. 7.1 0.18% 2026-06-25 2026-06-25
CVE-2026-56005 Subscriber Cross Site Scripting (XSS) in WP Activity Log <= 5.6.3.1 versions. 7.1 0.23% 2026-06-25 2026-06-25
CVE-2026-54849 Unauthenticated SQL Injection in Premmerce Wishlist for WooCommerce <= 1.1.11 versions. 9.3 0.23% 2026-06-25 2026-06-25
CVE-2026-54848 Insertion of Sensitive Information Into Sent Data vulnerability in Saad Iqbal APIExperts Square for WooCommerce allows Retrieve Embedded Sensitive Data. This issue affects APIExperts Square for WooCommerce: from n/a through 4.7.3. 8.3 0.18% 2026-06-25 2026-06-25
CVE-2026-54845 Unauthenticated Local File Inclusion in MDTF <= 1.3.8 versions. 8.1 0.27% 2026-06-25 2026-06-25
CVE-2026-54844 Unauthenticated Broken Access Control in CheckView Automated Testing <= 2.1.0 versions. 7.5 0.24% 2026-06-25 2026-06-29
CVE-2026-54843 Unauthenticated SQL Injection in MDTF <= 1.3.7 versions. 9.3 0.23% 2026-06-25 2026-06-25
CVE-2026-54842 Missing Authorization vulnerability in Royal Plugins Royal MCP allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Royal MCP: from n/a through 1.4.25. 8.1 0.19% 2026-06-25 2026-06-25
CVE-2026-54841 Unauthenticated Sensitive Data Exposure in Vitepos <= 3.4.2 versions. 7.5 0.29% 2026-06-25 2026-06-25
CVE-2026-54838 Subscriber SQL Injection in WC Vendors Marketplace <= 2.6.8 versions. 8.5 0.27% 2026-06-25 2026-06-25
CVE-2026-54836 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in YMC Filter allows SQL Injection. This issue affects YMC Filter: from n/a through 3.11.5. 9.3 0.23% 2026-06-25 2026-06-25
CVE-2026-54830 Unauthenticated Broken Access Control in Five Star Restaurant Reservations <= 2.7.19 versions. 7.5 0.24% 2026-06-25 2026-06-29
CVE-2026-54829 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Jacob N. Breetvelt WP Photo Album Plus allows Blind SQL Injection. This issue affects WP Photo Album Plus: from n/a through 9.1.13.005. 7.5 0.19% 2026-06-25 2026-06-25
CVE-2026-54828 Unauthenticated Broken Access Control in Motors <= 1.4.109 versions. 7.5 0.24% 2026-06-25 2026-06-25
CVE-2026-54823 Contributor Remote Code Execution (RCE) in Widget Options <= 4.2.3 versions. 9.9 0.43% 2026-06-25 2026-06-25
«« First « Prev Page 9 / 364 Next »
cvelogic Threat Intelligence