Advanced Threat Data Export
Filter and download the raw CVE repository (CSV/JSON) for SIEM integration and internal reporting.
Data export is locked. Upgrade your package to enable filtering and downloading.
🔔 Premium Features
🔍 Filter Threats
| Title | Severity | PoC | Actively Exploited | Source | Date |
|---|---|---|---|---|---|
| CVE-2026-8907 The WP-Ultimate-Map plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.1. This is due to missing non... | MEDIUM | ????? | ????? | NVD | 3 days ago |
| CVE-2026-8904 The FastPicker, an order picker and order management system (oms) for WooCommerce on steroids plugin for WordPress is vulnerable to Cross-Site Request... | MEDIUM | ????? | ????? | NVD | 3 days ago |
| CVE-2026-8902 The AJAX Report Comments plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.0.4. This is due to ... | MEDIUM | ????? | ????? | NVD | 3 days ago |
| CVE-2026-8895 The kk blog card plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'blog-card' shortcode in all versio... | MEDIUM | ????? | ????? | NVD | 3 days ago |
| CVE-2026-8883 The Global Body Mass Index Calculator plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'gbmicalc' shortcode in vers... | MEDIUM | ????? | ????? | NVD | 3 days ago |
| CVE-2026-8882 The WP ApplicantStack Jobs Display plugin for WordPress is vulnerable to Stored Cross-Site Scripting via Shortcode Attributes in all versions up to, a... | MEDIUM | ????? | ????? | NVD | 3 days ago |
| CVE-2026-8880 The RomanCart Ecommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'blclass' attribute (and other attributes)... | MEDIUM | ????? | ????? | NVD | 3 days ago |
| CVE-2026-8841 The Extra Settings for RocketChat plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'rocketchat' shortcode's &#... | MEDIUM | ????? | ????? | NVD | 3 days ago |
| CVE-2026-8499 The Helpfulcrowd Product Reviews plugin for WordPress is vulnerable to Authorization Bypass via PHP Type Juggling in versions up to, and including, 1.... | MEDIUM | ????? | ????? | NVD | 3 days ago |
| CVE-2026-7662 The ePaperFlip Publisher plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'publicationid' attribute of the `epaperf... | MEDIUM | ????? | ????? | NVD | 3 days ago |
| CVE-2026-41980 Permission control vulnerability in the file preview module. Impact: Successful exploitation of this vulnerability may affect service confidentiality... | MEDIUM | ????? | ????? | NVD | 3 days ago |
| CVE-2026-41979 Permission control vulnerability in the print module. Impact: Successful exploitation of this vulnerability may affect integrity and confidentiality. | MEDIUM | ????? | ????? | NVD | 3 days ago |
| CVE-2026-41978 Permission control vulnerability in the clone module. Impact: Successful exploitation of this vulnerability may affect service confidentiality. | MEDIUM | ????? | ????? | NVD | 3 days ago |
| CVE-2026-41975 Permission management vulnerability in the network management module. Impact: Successful exploitation of this vulnerability may affect service integr... | MEDIUM | ????? | ????? | NVD | 3 days ago |
| CVE-2026-41855 In an untrusted JMS environment, org.springframework.jms.support.converter.MappingJackson2MessageConverter and org.springframework.jms.support.convert... | HIGH | ????? | ????? | NVD | 3 days ago |
| CVE-2026-41854 Due to incorrect host parsing, applications that rely on UriComponentsBuilder to parse and validate an externally provided URL string may be exposed t... | MEDIUM | ????? | ????? | NVD | 3 days ago |
| CVE-2026-41853 Spring MVC and WebFlux applications are vulnerable to Multipart request smuggling attacks.
Affected versions:
Spring Framework 7.0.0 through 7.0.7; 6... | MEDIUM | ????? | ????? | NVD | 3 days ago |
| CVE-2026-41852 A vulnerability in Spring Expression Language (SpEL) evaluation logic allows for arbitrary zero-argument method invocation, even within restricted or ... | LOW | ????? | ????? | NVD | 3 days ago |
| CVE-2026-41851 Applications which accept user-supplied Spring Expression Language (SpEL) expressions may be vulnerable to a Denial of Service (DoS) attack if the eva... | MEDIUM | ????? | ????? | NVD | 3 days ago |
| CVE-2026-41850 Applications that evaluate user-supplied Spring Expression Language (SpEL) expressions are vulnerable to an Algorithmic Denial of Service (DoS). By pr... | HIGH | ????? | ????? | NVD | 3 days ago |