Aggregating NVD, CVE, and multi-source threat feeds, this list provides deep analysis of high-risk threats such as RCE. By integrating CVSS and EPSS models, the system dynamically tracks Exp (Exploit) resources and PoC availability to accurately assess Exploitability. Combined with official Patches and remediation strategies, it helps prioritize Vulnerability Management workflows, significantly shortening response cycles and securing your critical assets.
Assigner (CNA / source):[email protected] Remove this filter
| CVE | Description | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|
| CVE-2026-25470 | Improper Control of Generation of Code ('Code Injection') vulnerability in ACPT ACPT (Pro) - Custom Post Types Plugin for WordPress allows Remote Code Inclusion. This issue affects ACPT (Pro) - Custom Post Types Plugin for WordPress: from n/a through 2.0.47. | 10.0 | 0.41% | 2026-06-17 | 2026-06-17 |
| CVE-2026-25446 | Subscriber Arbitrary File Upload in WishList Member X <= 3.29.0 versions. | 9.9 | 0.43% | 2026-06-17 | 2026-06-17 |
| CVE-2026-25439 | Unauthenticated Broken Authentication in Booknetic <= 4.8.5 versions. | 8.1 | 0.32% | 2026-06-17 | 2026-06-17 |
| CVE-2026-24611 | Unauthenticated Broken Access Control in MetForm Pro <= 3.9.1 versions. | 9.1 | 0.44% | 2026-06-17 | 2026-06-17 |
| CVE-2026-22343 | Unauthenticated Broken Access Control in WordPress Dating Theme <= 11.2.0 versions. | 8.6 | 0.26% | 2026-06-17 | 2026-06-17 |
| CVE-2026-22342 | Unauthenticated Cross Site Request Forgery (CSRF) in WordPress Dating Theme <= 11.2.0 versions. | 8.8 | 0.18% | 2026-06-17 | 2026-06-17 |
| CVE-2026-22340 | Unauthenticated SQL Injection in WPJobster <= 6.3.5 versions. | 9.3 | 0.37% | 2026-06-17 | 2026-06-17 |
| CVE-2026-22338 | Unauthenticated Local File Inclusion in EcoBlue <= 1.15 versions. | 8.1 | 0.34% | 2026-06-17 | 2026-06-17 |
| CVE-2026-22335 | Subscriber SQL Injection in WooCommerce Frontend Manager – Ultimate < 6.7.7 versions. | 8.5 | 0.35% | 2026-06-17 | 2026-06-17 |
| CVE-2026-22332 | Unauthenticated SQL Injection in Tutor LMS Pro <= 3.9.6 versions. | 9.3 | 0.28% | 2026-06-17 | 2026-06-17 |
| CVE-2026-22331 | Unauthenticated Local File Inclusion in AutoParts <= 1.5.8 versions. | 8.1 | 0.36% | 2026-06-17 | 2026-06-17 |
| CVE-2026-22330 | Unauthenticated Local File Inclusion in Right Way <= 4.0 versions. | 8.1 | 0.36% | 2026-06-17 | 2026-06-17 |
| CVE-2026-22327 | Subscriber Arbitrary File Upload in Restaurt <= 1.0.4 versions. | 9.9 | 0.46% | 2026-06-17 | 2026-06-17 |
| CVE-2026-22326 | Unauthenticated Local File Inclusion in Reprizo <= 1.0.8 versions. | 8.1 | 0.34% | 2026-06-17 | 2026-06-17 |
| CVE-2026-22325 | Unauthenticated Local File Inclusion in Promo <= 1.3.0 versions. | 8.1 | 0.36% | 2026-06-17 | 2026-06-17 |
| CVE-2026-12256 | Contributor PHP Object Injection in Avada <= 3.15.3 versions. | 8.8 | 0.48% | 2026-06-17 | 2026-06-17 |
| CVE-2025-69179 | Unauthenticated Privilege Escalation in Support Ticket Management System <= 1.9 versions. | 9.8 | 0.45% | 2026-06-17 | 2026-06-17 |
| CVE-2025-69178 | Unauthenticated Local File Inclusion in Truemag <= 4.3.14.2 versions. | 8.1 | 0.43% | 2026-06-17 | 2026-06-17 |
| CVE-2025-69177 | Unauthenticated Local File Inclusion in Roneous <= 2.1.5 versions. | 8.1 | 0.47% | 2026-06-17 | 2026-06-17 |
| CVE-2025-69176 | Unauthenticated Local File Inclusion in ITactics <= 1.0 versions. | 8.1 | 0.35% | 2026-06-17 | 2026-06-17 |