CVE List – Find High-Risk & Exploited Vulnerabilities

Aggregating NVD, CVE, and multi-source threat feeds, this list provides deep analysis of high-risk threats such as RCE. By integrating CVSS and EPSS models, the system dynamically tracks Exp (Exploit) resources and PoC availability to accurately assess Exploitability. Combined with official Patches and remediation strategies, it helps prioritize Vulnerability Management workflows, significantly shortening response cycles and securing your critical assets.

Assigner (CNA / source):[email protected] Remove this filter

Showing 181200 of 17114 results
«« First « Prev Page 10 / 856 Next »
CVE Description Max CVSS EPSS % Published Updated
CVE-2026-57686 Unauthenticated Cross Site Scripting (XSS) in WowAddons <= 1.6.14 versions. 7.1 0.19% 2026-07-02 2026-07-02
CVE-2026-57685 Subscriber Broken Access Control in Martfury - WooCommerce Marketplace WordPress Theme <= 3.2.8 versions. 4.3 0.25% 2026-07-02 2026-07-02
CVE-2026-57684 Contributor Cross Site Scripting (XSS) in TheFox <= 3.9.70 versions. 6.5 0.17% 2026-07-02 2026-07-02
CVE-2026-57683 Unauthenticated SQL Injection in WP Fast Total Search <= 1.80.280 versions. 9.3 0.25% 2026-07-02 2026-07-02
CVE-2026-57682 Unauthenticated Cross Site Scripting (XSS) in Simple Link Directory <= 15.0.5 versions. 7.1 0.19% 2026-07-02 2026-07-02
CVE-2026-57681 Subscriber Server Side Request Forgery (SSRF) in GeoDirectory <= 2.8.161 versions. 6.4 0.23% 2026-07-02 2026-07-02
CVE-2026-57680 Unauthenticated Insecure Direct Object References (IDOR) in Kirki <= 6.0.11 versions. 6.5 0.25% 2026-07-02 2026-07-02
CVE-2026-57679 Unauthenticated SQL Injection in GeekyBot <= 1.2.5 versions. 9.3 0.25% 2026-07-02 2026-07-02
CVE-2026-57678 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ThemePunch Slider Revolution allows Reflected XSS. This issue affects Slider Revolution: from 7.0.0 through 7.0.16. 7.1 0.15% 2026-07-02 2026-07-02
CVE-2026-57677 Unauthenticated PHP Object Injection in Novalnet Payment Gateway for WooCommerce <= 12.10.3 versions. 9.8 0.34% 2026-07-02 2026-07-02
CVE-2026-57675 Unauthenticated Cross Site Scripting (XSS) in WP Photo Album Plus <= 9.2.02.004 versions. 7.1 0.19% 2026-07-02 2026-07-02
CVE-2026-57674 Unauthenticated Cross Site Scripting (XSS) in Timetics <= 1.0.58 versions. 7.1 0.19% 2026-07-02 2026-07-02
CVE-2026-57673 Unauthenticated Cross Site Scripting (XSS) in Optimole <= 4.2.7 versions. 7.1 0.19% 2026-07-02 2026-07-02
CVE-2026-57672 Unauthenticated Cross Site Scripting (XSS) in wpDataTables <= 6.5.1.1 versions. 7.1 0.19% 2026-07-02 2026-07-02
CVE-2026-57671 Unauthenticated Cross Site Scripting (XSS) in perfmatters <= 2.6.4 versions. 7.1 0.19% 2026-07-02 2026-07-02
CVE-2026-57670 Unauthenticated Cross Site Scripting (XSS) in Google Maps CP <= 1.2.5 versions. 7.1 0.19% 2026-07-02 2026-07-02
CVE-2026-57669 Subscriber Broken Access Control in Advanced Contact form 7 DB <= 2.0.9 versions. 6.5 0.34% 2026-07-02 2026-07-02
CVE-2026-57625 Unauthenticated Cross Site Scripting (XSS) in Admin and Site Enhancements (ASE) Pro <= 8.8.5 versions. 9.6 0.27% 2026-07-02 2026-07-02
CVE-2026-57624 Unauthenticated Remote Code Execution (RCE) in Blocksy Companion Pro <= 2.1.46 versions. 10.0 0.70% 2026-07-02 2026-07-02
CVE-2026-57623 Unauthenticated Arbitrary Code Execution in W3 Total Cache <= 2.9.4 versions. 9.0 0.33% 2026-07-02 2026-07-02
«« First « Prev Page 10 / 856 Next »
cvelogic Threat Intelligence