Aggregating NVD, CVE, and multi-source threat feeds, this list provides deep analysis of high-risk threats such as RCE. By integrating CVSS and EPSS models, the system dynamically tracks Exp (Exploit) resources and PoC availability to accurately assess Exploitability. Combined with official Patches and remediation strategies, it helps prioritize Vulnerability Management workflows, significantly shortening response cycles and securing your critical assets.
Assigner (CNA / source):[email protected] Remove this filter
| CVE | Description | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|
| CVE-2024-56058 | Deserialization of Untrusted Data vulnerability in denniskravetstns VRPConnector vrpconnector allows Object Injection.This issue affects VRPConnector: from n/a through <= 2.0.1. | 9.8 | 1.66% | 2024-12-18 | 2026-06-17 |
| CVE-2024-55988 | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Amol Nirmala Waman Navayan CSV Export navayan-csv-export allows Blind SQL Injection.This issue affects Navayan CSV Export: from n/a through <= 1.0.9. | 9.3 | 1.10% | 2024-12-16 | 2026-06-17 |
| CVE-2024-55982 | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in richteam Share Buttons – Social Media rich-web-share-button allows Blind SQL Injection.This issue affects Share Buttons – Social Media: from n/a through <= 1.0.2. | 9.3 | 1.67% | 2024-12-16 | 2026-06-17 |
| CVE-2024-55976 | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in mikeleembruggen Critical Site Intel critical-site-intel-stats allows SQL Injection.This issue affects Critical Site Intel: from n/a through <= 1.0. | 9.3 | 1.12% | 2024-12-16 | 2026-06-17 |
| CVE-2024-55972 | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in chriscarvache eTemplates etemplates allows SQL Injection.This issue affects eTemplates: from n/a through <= 0.2.1. | 9.3 | 1.17% | 2024-12-16 | 2026-06-17 |
| CVE-2024-54385 | Server-Side Request Forgery (SSRF) vulnerability in princeahmed Radio Player radio-player allows Server Side Request Forgery.This issue affects Radio Player: from n/a through <= 2.0.83. | 7.2 | 5.11% | 2024-12-16 | 2026-06-17 |
| CVE-2024-54382 | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in boldthemes Bold Page Builder bold-page-builder allows Path Traversal.This issue affects Bold Page Builder: from n/a through <= 5.1.5. | 4.9 | 2.16% | 2024-12-16 | 2026-06-17 |
| CVE-2024-54374 | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Sabri Sogrid sogrid allows PHP Local File Inclusion.This issue affects Sogrid: from n/a through <= 1.5.6. | 7.5 | 1.20% | 2024-12-16 | 2026-06-17 |
| CVE-2024-54369 | Missing Authorization vulnerability in ThemeHunk Zita Site Builder ai-site-builder allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Zita Site Builder: from n/a through <= 1.0.2. | 9.1 | 1.50% | 2024-12-16 | 2026-06-17 |
| CVE-2024-54363 | Incorrect Privilege Assignment vulnerability in saiful.total Wp NssUser Register wp-nssuser-register allows Privilege Escalation.This issue affects Wp NssUser Register: from n/a through <= 1.0.0. | 9.8 | 1.82% | 2024-12-16 | 2026-06-17 |
| CVE-2024-54330 | Server-Side Request Forgery (SSRF) vulnerability in hurraki Hurrakify hurrakify allows Server Side Request Forgery.This issue affects Hurrakify: from n/a through <= 2.4. | 7.2 | 1.43% | 2024-12-13 | 2026-06-17 |
| CVE-2024-54262 | Unrestricted Upload of File with Dangerous Type vulnerability in sidngr Import Export For WooCommerce import-export-for-woocommerce allows Upload a Web Shell to a Web Server.This issue affects Import Export For WooCommerce: from n/a through <= 1.6.2. | 9.9 | 1.40% | 2024-12-13 | 2026-06-17 |
| CVE-2023-32117 | Missing Authorization vulnerability in SoftLab Integrate Google Drive allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Integrate Google Drive: from n/a through 1.1.99. | 9.8 | 6.28% | 2024-12-09 | 2026-06-17 |
| CVE-2023-22701 | Missing Authorization vulnerability in Shopfiles Ltd Ebook Store allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Ebook Store: from n/a through 5.775. | 7.5 | 1.01% | 2024-12-09 | 2026-06-17 |
| CVE-2024-52475 | Authentication Bypass Using an Alternate Path or Channel vulnerability in Information Technology Wawp automation-web-platform allows Authentication Bypass.This issue affects Wawp: from n/a through < 3.0.18. | 9.8 | 1.79% | 2024-11-28 | 2026-06-17 |
| CVE-2024-50417 | Missing Authorization vulnerability in boldthemes Bold Page Builder bold-page-builder allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Bold Page Builder: from n/a through <= 5.1.3. | 4.3 | 1.92% | 2024-11-19 | 2026-06-17 |
| CVE-2024-52434 | Deserialization of Untrusted Data vulnerability in supsystic Popup by Supsystic popup-by-supsystic allows Command Injection.This issue affects Popup by Supsystic: from n/a through <= 1.10.29. | 9.1 | 1.10% | 2024-11-18 | 2026-06-17 |
| CVE-2024-52433 | Deserialization of Untrusted Data vulnerability in Mindstien Technologies My Geo Posts Free my-geo-posts-free allows Object Injection.This issue affects My Geo Posts Free: from n/a through <= 1.2. | 9.8 | 3.07% | 2024-11-18 | 2026-06-17 |
| CVE-2024-52430 | Deserialization of Untrusted Data vulnerability in bublick Lis Video Gallery lis-video-gallery allows Object Injection.This issue affects Lis Video Gallery: from n/a through <= 0.2.1. | 9.8 | 1.05% | 2024-11-18 | 2026-06-17 |
| CVE-2024-52380 | Unrestricted Upload of File with Dangerous Type vulnerability in softpulseinfotech Picsmize picsmize allows Upload a Web Shell to a Web Server.This issue affects Picsmize: from n/a through <= 1.0.0. | 10.0 | 1.54% | 2024-11-14 | 2026-06-17 |