CVE List – Find High-Risk & Exploited Vulnerabilities

Aggregating NVD, CVE, and multi-source threat feeds, this list provides deep analysis of high-risk threats such as RCE. By integrating CVSS and EPSS models, the system dynamically tracks Exp (Exploit) resources and PoC availability to accurately assess Exploitability. Combined with official Patches and remediation strategies, it helps prioritize Vulnerability Management workflows, significantly shortening response cycles and securing your critical assets.

Assigner (CNA / source):[email protected] Remove this filter

Showing 121140 of 229 results
«« First « Prev Page 7 / 12 Next »
CVE Description Max CVSS EPSS % Published Updated
CVE-2024-25600 Improper Control of Generation of Code ('Code Injection') vulnerability in Codeer Limited Bricks Builder allows Code Injection.This issue affects Bricks Builder: from n/a through 1.9.6. 10.0 88.23% 2024-06-04 2026-06-17
CVE-2024-34370 Improper Privilege Management vulnerability in WPFactory EAN for WooCommerce allows Privilege Escalation.This issue affects EAN for WooCommerce: from n/a through 4.8.9. 7.2 1.09% 2024-05-17 2026-06-17
CVE-2024-33644 Improper Control of Generation of Code ('Code Injection') vulnerability in WPCustomify Customify Site Library allows Code Injection.This issue affects Customify Site Library: from n/a through 0.0.9. 9.9 1.11% 2024-05-17 2026-06-17
CVE-2024-32523 Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in EverPress Mailster mailster.This issue affects Mailster: from n/a through <= 4.0.6. 8.1 1.75% 2024-05-17 2026-06-17
CVE-2024-27971 Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Premmerce Premmerce Permalink Manager for WooCommerce woo-permalink-manager.This issue affects Premmerce Permalink Manager for WooCommerce: from n/a through <= 2.3.10. 8.3 1.46% 2024-05-17 2026-06-17
CVE-2024-27954 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in WP Automatic Automatic allows Path Traversal, Server Side Request Forgery.This issue affects Automatic: from n/a through 3.92.0. 9.3 72.95% 2024-05-17 2026-06-17
CVE-2024-24882 Incorrect Privilege Assignment vulnerability in masteriyo Masteriyo - LMS learning-management-system.This issue affects Masteriyo - LMS: from n/a through <= 1.7.2. 9.8 2.11% 2024-05-17 2026-06-17
CVE-2024-22145 Incorrect Privilege Assignment vulnerability in InstaWP InstaWP Connect instawp-connect.This issue affects InstaWP Connect: from n/a through <= 0.1.0.8. 8.8 1.11% 2024-05-17 2026-06-17
CVE-2023-46197 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in supsystic.Com Popup by Supsystic allows Relative Path Traversal.This issue affects Popup by Supsystic: from n/a through 1.10.19. 5.3 1.27% 2024-05-17 2026-06-17
CVE-2024-31351 Unrestricted Upload of File with Dangerous Type vulnerability in Copymatic Copymatic – AI Content Writer & Generator.This issue affects Copymatic – AI Content Writer & Generator: from n/a through 1.6. 10.0 1.62% 2024-05-17 2026-06-17
CVE-2023-41954 Improper Privilege Management vulnerability in ProfilePress Membership Team ProfilePress allows Privilege Escalation.This issue affects ProfilePress: from n/a through 4.13.1. 8.6 1.40% 2024-05-17 2026-06-17
CVE-2023-37999 Improper Privilege Management vulnerability in HasThemes HT Mega allows Privilege Escalation.This issue affects HT Mega: from n/a through 2.2.0. 9.8 3.04% 2024-05-17 2026-06-17
CVE-2023-26540 Improper Privilege Management vulnerability in Favethemes Houzez allows Privilege Escalation.This issue affects Houzez: from n/a through 2.7.1. 9.8 2.73% 2024-05-17 2026-06-17
CVE-2023-26009 Improper Privilege Management vulnerability in Favethemes Houzez Login Register allows Privilege Escalation.This issue affects Houzez Login Register: from n/a through 2.6.3. 9.8 2.73% 2024-05-17 2026-06-17
CVE-2024-34555 Unrestricted Upload of File with Dangerous Type vulnerability in URBAN BASE Z-Downloads.This issue affects Z-Downloads: from n/a through 1.11.3. 10.0 1.22% 2024-05-14 2026-06-17
CVE-2024-32700 Unrestricted Upload of File with Dangerous Type vulnerability in Kognetiks Kognetiks Chatbot for WordPress.This issue affects Kognetiks Chatbot for WordPress: from n/a through 2.0.0. 10.0 2.58% 2024-05-14 2026-06-17
CVE-2024-33911 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Weblizar School Management Pro.This issue affects School Management Pro: from n/a through 10.3.4. 7.6 1.09% 2024-05-02 2026-06-17
CVE-2024-33575 Exposure of Sensitive Information to an Unauthorized Actor vulnerability in User Meta user-meta.This issue affects User Meta: from n/a through 3.0. 5.3 1.12% 2024-04-29 2026-06-17
CVE-2024-33566 Missing Authorization vulnerability in N-Media OrderConvo allows OS Command Injection.This issue affects OrderConvo: from n/a through 12.4. 10.0 1.07% 2024-04-29 2026-06-17
CVE-2024-33559 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in 8theme XStore allows SQL Injection.This issue affects XStore: from n/a through 9.3.5. 9.3 3.55% 2024-04-29 2026-06-17
«« First « Prev Page 7 / 12 Next »
cvelogic Threat Intelligence