CVE List – Find High-Risk & Exploited Vulnerabilities

Aggregating NVD, CVE, and multi-source threat feeds, this list provides deep analysis of high-risk threats such as RCE. By integrating CVSS and EPSS models, the system dynamically tracks Exp (Exploit) resources and PoC availability to accurately assess Exploitability. Combined with official Patches and remediation strategies, it helps prioritize Vulnerability Management workflows, significantly shortening response cycles and securing your critical assets.

Assigner (CNA / source):[email protected] Remove this filter

Showing 101120 of 16964 results
«« First « Prev Page 6 / 849 Next »
CVE Description Max CVSS EPSS % Published Updated
CVE-2026-57737 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Averta LTD Shortcodes and extra features for Phlox theme allows DOM-Based XSS. This issue affects Shortcodes and extra features for Phlox theme: from n/a through 2.17.16. 6.5 0.14% 2026-07-01 2026-07-02
CVE-2026-57736 Insertion of Sensitive Information Into Sent Data vulnerability in HubSpot allows Retrieve Embedded Sensitive Data. This issue affects HubSpot: from n/a through 11.3.51. 7.4 0.18% 2026-07-01 2026-07-01
CVE-2026-57723 Cross-Site Request Forgery (CSRF) vulnerability in e4jvikwp VikBooking Hotel Booking Engine & PMS allows Path Traversal. This issue affects VikBooking Hotel Booking Engine & PMS: from n/a through 1.8.12. 7.4 0.12% 2026-07-01 2026-07-01
CVE-2026-57722 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ShortPixel Enable Media Replace allows Stored XSS. This issue affects Enable Media Replace: from n/a through 4.2.1. 5.9 0.15% 2026-07-01 2026-07-02
CVE-2026-57721 Missing Authorization vulnerability in WP Reloaded ApplyOnline allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects ApplyOnline: from n/a through 2.6.7.6. 5.3 0.18% 2026-07-01 2026-07-01
CVE-2026-57720 Missing Authorization vulnerability in Codexpert Inc ThumbPress allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects ThumbPress: from n/a through 6.3.2. 4.3 0.20% 2026-07-01 2026-07-01
CVE-2026-27409 Missing Authorization vulnerability in Webba Plugins Webba Booking allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Webba Booking: from n/a through 6.4.13. 5.3 0.20% 2026-07-01 2026-07-01
CVE-2026-57692 Incorrect Privilege Assignment vulnerability in LCweb PrivateContent allows Privilege Escalation. This issue affects PrivateContent: from n/a through 9.9.2. 9.8 0.29% 2026-07-01 2026-07-01
CVE-2026-27435 Missing Authorization vulnerability in WofficeIO Woffice allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Woffice: from n/a before 5.4.33. 5.3 0.24% 2026-07-01 2026-07-01
CVE-2026-57341 Unauthenticated Insecure Direct Object References (IDOR) in Colissimo Officiel : Méthodes de livraison pour WooCommerce <= 2.9.0 versions. 6.5 0.26% 2026-06-29 2026-07-01
CVE-2026-57340 Unauthenticated Broken Access Control in Japanized For WooCommerce <= 2.9.12 versions. 6.5 0.20% 2026-06-29 2026-06-29
CVE-2026-57339 Unauthenticated Broken Access Control in Business Directory <= 6.4.23 versions. 6.5 0.20% 2026-06-29 2026-06-29
CVE-2026-57338 Unauthenticated Cross Site Scripting (XSS) in ARForms <= 7.1.2 versions. 7.1 0.15% 2026-06-29 2026-06-29
CVE-2026-57337 Unauthenticated Cross Site Scripting (XSS) in Landing Page Builder <= 1.5.3.5 versions. 7.1 0.15% 2026-06-29 2026-06-29
CVE-2026-57336 Unauthenticated Cross Site Scripting (XSS) in Jobify <= 4.3.2 versions. 7.1 0.15% 2026-06-29 2026-06-29
CVE-2026-57335 Subscriber Broken Access Control in Ads by WPQuads <= 3.0.3 versions. 6.5 0.23% 2026-06-29 2026-07-01
CVE-2026-57334 Unauthenticated Broken Access Control in WP User Frontend <= 4.3.7 versions. 6.5 0.20% 2026-06-29 2026-06-29
CVE-2026-57333 Unauthenticated Cross Site Scripting (XSS) in Link Whisper Free <= 0.9.4 versions. 7.1 0.15% 2026-06-29 2026-06-29
CVE-2026-57332 Subscriber Broken Access Control in Wallet System for WooCommerce <= 2.7.6 versions. 7.1 0.26% 2026-06-29 2026-06-29
CVE-2026-57331 Performer Arbitrary File Deletion in Paid Videochat Turnkey Site <= 7.4.8 versions. 9.9 0.34% 2026-06-29 2026-06-29
«« First « Prev Page 6 / 849 Next »
cvelogic Threat Intelligence