CVE List – Find High-Risk & Exploited Vulnerabilities

Aggregating NVD, CVE, and multi-source threat feeds, this list provides deep analysis of high-risk threats such as RCE. By integrating CVSS and EPSS models, the system dynamically tracks Exp (Exploit) resources and PoC availability to accurately assess Exploitability. Combined with official Patches and remediation strategies, it helps prioritize Vulnerability Management workflows, significantly shortening response cycles and securing your critical assets.

Assigner (CNA / source):[email protected] Remove this filter

Showing 121140 of 16964 results
«« First « Prev Page 7 / 849 Next »
CVE Description Max CVSS EPSS % Published Updated
CVE-2026-57330 Subscriber Cross Site Scripting (XSS) in MasterStudy LMS <= 3.7.27 versions. 6.5 0.17% 2026-06-29 2026-06-29
CVE-2026-57329 Subscriber Cross Site Scripting (XSS) in WooCommerce Designer Pro <= 1.9.34 versions. 6.5 0.21% 2026-06-29 2026-07-01
CVE-2026-57328 Subscriber Cross Site Scripting (XSS) in Business Directory <= 6.4.22 versions. 6.5 0.21% 2026-06-29 2026-06-29
CVE-2026-57327 Subscriber Broken Access Control in MainWP <= 6.1.1 versions. 6.3 0.25% 2026-06-29 2026-06-29
CVE-2026-57326 Unauthenticated Cross Site Scripting (XSS) in Business Directory <= 6.4.22 versions. 6.1 0.18% 2026-06-29 2026-06-29
CVE-2026-57320 Unauthenticated Cross Site Scripting (XSS) in BEAR <= 1.1.8 versions. 7.1 0.18% 2026-06-29 2026-06-29
CVE-2026-57346 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Epiphyt Embed Privacy allows Path Traversal. This issue affects Embed Privacy: from n/a through 1.12.3. 7.1 0.27% 2026-06-29 2026-06-29
CVE-2026-57676 Authorization Bypass Through User-Controlled Key vulnerability in Matteo Manna Simple User Avatar allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Simple User Avatar: from n/a through 4.9. 4.3 0.18% 2026-06-29 2026-06-29
CVE-2026-57667 Sales Representative SQL Injection in Groundhogg <= 4.5 versions. 8.5 0.21% 2026-06-26 2026-06-29
CVE-2026-57665 Unauthenticated Insecure Direct Object References (IDOR) in GravityView <= 3.0.0 versions. 5.3 0.19% 2026-06-26 2026-06-26
CVE-2026-57664 Unauthenticated Sensitive Data Exposure in Bopo – WooCommerce Product Bundle Builder <= 1.1.6 versions. 4.3 0.18% 2026-06-26 2026-06-26
CVE-2026-57663 Contributor SQL Injection in Recipe Maker For Your Food Blog from Zip Recipes <= 8.2.7 versions. 8.5 0.21% 2026-06-26 2026-06-26
CVE-2026-57662 Contributor SQL Injection in Contest Gallery <= 30.0.0 versions. 8.5 0.21% 2026-06-26 2026-06-26
CVE-2026-57661 Subscriber Broken Access Control in WPComplete <= 2.9.5.5 versions. 5.4 0.22% 2026-06-26 2026-06-26
CVE-2026-57660 Unauthenticated Broken Access Control in Booking and Rental Manager <= 2.7.1 versions. 5.3 0.18% 2026-06-26 2026-06-29
CVE-2026-57659 Unauthenticated Cross Site Request Forgery (CSRF) in Paid Memberships Pro - Add Member From Admin <= 0.7.2 versions. 8.8 0.13% 2026-06-26 2026-06-26
CVE-2026-57658 Administrator Arbitrary File Upload in TemplateSpare <= 4.2.0 versions. 9.1 0.28% 2026-06-26 2026-06-26
CVE-2026-57657 Unauthenticated Cross Site Request Forgery (CSRF) in Gmail SMTP <= 1.2.3.19 versions. 4.3 0.10% 2026-06-26 2026-06-26
CVE-2026-57656 Author Cross Site Scripting (XSS) in Hester Core <= 1.1.8 versions. 5.9 0.14% 2026-06-26 2026-06-26
CVE-2026-57655 Unauthenticated Cross Site Request Forgery (CSRF) in Child Theme Wizard <= 1.4 versions. 8.2 0.11% 2026-06-26 2026-06-26
«« First « Prev Page 7 / 849 Next »
cvelogic Threat Intelligence