Aggregating NVD, CVE, and multi-source threat feeds, this list provides deep analysis of high-risk threats such as RCE. By integrating CVSS and EPSS models, the system dynamically tracks Exp (Exploit) resources and PoC availability to accurately assess Exploitability. Combined with official Patches and remediation strategies, it helps prioritize Vulnerability Management workflows, significantly shortening response cycles and securing your critical assets.
Assigner (CNA / source):[email protected] Remove this filter
| CVE | Description | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|
| CVE-2026-57634 | Contributor Insecure Direct Object References (IDOR) in PPWP <= 1.9.19 versions. | 4.3 | 0.18% | 2026-06-26 | 2026-06-26 |
| CVE-2026-57633 | Unauthenticated Sensitive Data Exposure in WCBoost – Products Compare <= 1.1.0 versions. | 5.3 | 0.24% | 2026-06-26 | 2026-06-26 |
| CVE-2026-57632 | Subscriber Broken Access Control in Email Marketing for WooCommerce by Omnisend <= 1.19.0 versions. | 5.4 | 0.27% | 2026-06-26 | 2026-06-26 |
| CVE-2026-57631 | Administrator SQL Injection in Popup box <= 6.0.1 versions. | 7.6 | 0.28% | 2026-06-26 | 2026-06-26 |
| CVE-2026-57630 | Unauthenticated Insecure Direct Object References (IDOR) in Blocksy Companion Pro <= 2.1.46 versions. | 5.3 | 0.23% | 2026-06-26 | 2026-06-26 |
| CVE-2026-57629 | Contributor Cross Site Scripting (XSS) in StatCounter <= 2.1.1 versions. | 6.5 | 0.16% | 2026-06-26 | 2026-06-29 |
| CVE-2026-57628 | Administrator SQL Injection in WP All Import <= 4.0.1 versions. | 7.6 | 0.28% | 2026-06-26 | 2026-06-26 |
| CVE-2026-57627 | Subscriber Server Side Request Forgery (SSRF) in Kirki <= 6.0.11 versions. | 4.9 | 0.18% | 2026-06-26 | 2026-06-26 |
| CVE-2026-57622 | Subscriber Broken Access Control in WPCafe <= 3.0.14 versions. | 4.3 | 0.26% | 2026-06-26 | 2026-06-26 |
| CVE-2026-57618 | Contributor Cross Site Scripting (XSS) in Neve PRO <= 3.1.2 versions. | 6.5 | 0.16% | 2026-06-26 | 2026-06-26 |
| CVE-2026-57617 | Contributor Cross Site Scripting (XSS) in SeedProd Pro < 6.19.5 versions. | 6.5 | 0.16% | 2026-06-26 | 2026-06-26 |
| CVE-2026-57431 | Author Cross Site Scripting (XSS) in Featured Image <= 2.1 versions. | 6.5 | 0.16% | 2026-06-26 | 2026-06-29 |
| CVE-2026-57430 | Contributor Broken Access Control in SEOPress PRO <= 9.1.1 versions. | 4.3 | 0.18% | 2026-06-26 | 2026-06-26 |
| CVE-2026-57325 | Unauthenticated Cross Site Scripting (XSS) in NanoMag <= 1.8 versions. | 7.1 | 0.18% | 2026-06-26 | 2026-06-26 |
| CVE-2026-57324 | Unauthenticated Broken Access Control in GIFT4U <= 1.0.10 versions. | 6.5 | 0.24% | 2026-06-26 | 2026-06-26 |
| CVE-2026-57323 | Unauthenticated Broken Access Control in Flash & HTML5 Video <= 2.11.0 versions. | 5.8 | 0.23% | 2026-06-26 | 2026-06-26 |
| CVE-2026-57322 | Unauthenticated Cross Site Scripting (XSS) in weMail <= 2.1.2 versions. | 7.1 | 0.18% | 2026-06-26 | 2026-06-26 |
| CVE-2026-57321 | Contributor Arbitrary File Deletion in H5P <= 1.17.7 versions. | 7.1 | 0.29% | 2026-06-26 | 2026-06-29 |
| CVE-2026-57319 | Unauthenticated Cross Site Scripting (XSS) in FOX <= 1.4.8 versions. | 7.1 | 0.18% | 2026-06-26 | 2026-06-26 |
| CVE-2026-57318 | Subscriber Sensitive Data Exposure in Site Reviews <= 8.0.11 versions. | 6.5 | 0.36% | 2026-06-26 | 2026-06-26 |