CVE 清單 – 發現高風險與在野利用漏洞

聚合 NVD、CVE 及多源情資,深度解析 RCE 等高危風險。系統整合 CVSS 與 EPSS 模型,動態追蹤 Exploit 資源與 PoC 公開狀態,研判可利用性。結合官方修補與修復方案,優化漏洞管理優先級,縮短回應週期,保障資產安全。

指派機構(CNA / 來源):[email protected] 移除此篩選

顯示 811001222 筆結果
CVE 描述 最高 CVSS EPSS % 公開時間 更新時間
CVE-2026-49075 Contributor PHP Object Injection in JetEngine <= 3.8.9.1 versions. 9.8 0.39% 2026-06-17 2026-06-17
CVE-2026-49058 Unauthenticated Privilege Escalation in LoginPress Pro <= 6.2.2 versions. 9.8 0.33% 2026-06-17 2026-06-17
CVE-2026-48875 Unauthenticated SQL Injection in JetSmartFilters <= 3.8.1 versions. 9.3 0.37% 2026-06-17 2026-06-17
CVE-2026-42380 Unauthenticated PHP Object Injection in AI Lab < 5.4.2 versions. 9.8 0.51% 2026-06-17 2026-06-17
CVE-2026-40783 Contributor Remote Code Execution (RCE) in Blocksy Companion Pro <= 2.1.37 versions. 9.9 0.54% 2026-06-17 2026-06-17
CVE-2026-40749 Subscriber Arbitrary File Upload in Charity Zone <= 1.1.1 versions. 9.9 0.43% 2026-06-17 2026-06-17
CVE-2026-40748 Subscriber Arbitrary File Upload in Kids Gift Shop <= 0.5.4 versions. 9.9 0.43% 2026-06-17 2026-06-17
CVE-2026-40747 Subscriber Arbitrary File Upload in Ecommerce Zone <= 0.9.7 versions. 9.9 0.43% 2026-06-17 2026-06-17
CVE-2026-40746 Subscriber Arbitrary File Upload in Restaurant Zone <= 0.7.8 versions. 9.9 0.43% 2026-06-17 2026-06-17
CVE-2026-40725 Unauthenticated PHP Object Injection in WooCommerce Product Filters < 2.0.6 versions. 9.8 0.38% 2026-06-17 2026-06-17
CVE-2026-39596 Unauthenticated SQL Injection in Blocksy Companion Pro < 2.1.29 versions. 9.3 0.37% 2026-06-17 2026-06-17
CVE-2026-39589 Subscriber Arbitrary File Upload in Webenvo <= 0.0.6 versions. 9.9 0.43% 2026-06-17 2026-06-17
CVE-2026-39529 Unauthenticated PHP Object Injection in Elementra <= 1.0.9 versions. 9.8 0.38% 2026-06-17 2026-06-17
CVE-2026-39438 Unauthenticated SQL Injection in ListingPro <= 2.9.10 versions. 9.3 0.37% 2026-06-17 2026-06-17
CVE-2026-27429 Unauthenticated PHP Object Injection in Nifty <= 1.4.1 versions. 9.8 0.56% 2026-06-17 2026-06-17
CVE-2026-27395 Unauthenticated Privilege Escalation in Support Board < 3.8.9 versions. 9.8 0.34% 2026-06-17 2026-06-17
CVE-2026-27041 Contributor Arbitrary File Upload in Unlimited Elements for Elementor (Premium) <= 2.0.6 versions. 9.9 0.32% 2026-06-17 2026-06-17
CVE-2026-25470 Improper Control of Generation of Code ('Code Injection') vulnerability in ACPT ACPT (Pro) - Custom Post Types Plugin for WordPress allows Remote Code Inclusion. This issue affects ACPT (Pro) - Custom Post Types Plugin for WordPress: from n/a through 2.0.47. 10.0 0.41% 2026-06-17 2026-06-17
CVE-2026-25446 Subscriber Arbitrary File Upload in WishList Member X <= 3.29.0 versions. 9.9 0.43% 2026-06-17 2026-06-17
CVE-2026-24611 Unauthenticated Broken Access Control in MetForm Pro <= 3.9.1 versions. 9.1 0.44% 2026-06-17 2026-06-17
cvelogic Threat Intelligence