Critical Alert 2 Active Exploits Detected Today

CVE-2026-46817 Oracle E-Business Suite Improper Privilege Management Vulnerability →
CVE-2023-4346 KNX Association KNX Protocol Connection Authorization Option 1 Overly Restrictive Account Lockout Mechanism Vulnerability →
Powered by CVE Watchtower
×

CVE Watchtower

Advanced Threat Data Export

Filter and download the raw CVE repository (CSV/JSON) for SIEM integration and internal reporting.

Data export is locked. Upgrade your package to enable filtering and downloading.

🔔 Premium Features
🔍 Filter Threats
Title
SeverityPoCActively ExploitedSourceDate
???-????-????
??????????????????????????????????
??????????????????????????????????
HIGH??????????SA1 day ago
???-????-????
??????????????????????????????????
??????????????????????????????????
HIGH??????????SA1 day ago
???-????-????
??????????????????????????????????
??????????????????????????????????
HIGH??????????SA1 day ago
???-????-????
??????????????????????????????????
??????????????????????????????????
HIGH??????????SA1 day ago
???-????-????
??????????????????????????????????
??????????????????????????????????
HIGH??????????SA1 day ago
CVE-2026-7543
The Breakdance plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'fields' parameter in versions up to, and including...
HIGH??????????NVD1 hour ago
CVE-2026-15727
The WP Bulk Delete plugin for WordPress is vulnerable to generic SQL Injection via the 'delete_user_roles' parameter in all versions up to, ...
MEDIUM??????????NVD1 hour ago
CVE-2026-15651
The WP TripAdvisor Review Slider plugin for WordPress is vulnerable to generic SQL Injection via the 'filtersource' parameter in all version...
MEDIUM??????????NVD1 hour ago
CVE-2026-15610
The WPBot – AI ChatBot for Live Support, Lead Generation, AI Services plugin for WordPress is vulnerable to authorization bypass in all versions up ...
MEDIUM??????????NVD1 hour ago
CVE-2026-15407
The Themify Builder plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 7.7.7. This is due to the plugin ...
MEDIUM??????????NVD1 hour ago
CVE-2026-15350
The The Cache Purger plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 2.3.20. This is due to the plugi...
MEDIUM??????????NVD1 hour ago
CVE-2026-15324
The SysBasics Customize My Account for WooCommerce – Live My Account Customizer plugin for WordPress is vulnerable to Stored Cross-Site Scripting vi...
MEDIUM??????????NVD1 hour ago
CVE-2026-15106
The WPBot – AI ChatBot for Live Support, Lead Generation, AI Services plugin for WordPress is vulnerable to authorization bypass in all versions up ...
MEDIUM??????????NVD1 hour ago
CVE-2026-15103
The WPFunnels – Funnel Builder for WooCommerce with Checkout & One Click Upsell plugin for WordPress is vulnerable to Privilege Escalation via a...
HIGH??????????NVD1 hour ago
CVE-2026-15099
The Delicious Recipes plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'steps' block attribute in versions up to, a...
MEDIUM??????????NVD1 hour ago
CVE-2026-15022
The Tutor LMS – eLearning and online course solution plugin for WordPress is vulnerable to generic SQL Injection via Stored Quiz Answer Array in all...
MEDIUM??????????NVD1 hour ago
CVE-2026-15021
The wpForo Forum plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'location' Profile Field in all versions up to, and i...
MEDIUM??????????NVD1 hour ago
CVE-2026-15008
The Uncanny Automator – Easy Automation, Integration, Webhooks & Workflow Builder Plugin plugin for WordPress is vulnerable to arbitrary file de...
HIGH??????????NVD1 hour ago
CVE-2026-15005
The Loco Translate plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.8.5. This is due to missin...
HIGH??????????NVD1 hour ago
CVE-2026-13767
The Quiz Master Next plugin for WordPress is vulnerable to SQL Injection via stored quiz page data in versions up to, and including, 11.2.0. This is d...
MEDIUM??????????NVD1 hour ago
CVE-2026-13755
The Tickera – Sell Tickets & Manage Events plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'price_wrapper' Short...
MEDIUM??????????NVD1 hour ago
CVE-2026-13754
The Tickera – Sell Tickets & Manage Events plugin for WordPress is vulnerable to generic SQL Injection via the 's' parameter in all ve...
MEDIUM??????????NVD1 hour ago
CVE-2026-13741
The Digits: WordPress Mobile Number Signup and Login plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, ...
HIGH??????????NVD1 hour ago
CVE-2026-22752
Authentication bypass by primary weakness vulnerability in Spring Security Spring Authorization Server. This issue affects Spring Authorization Serve...
CRITICAL??????????NVD2 hours ago
CVE-2026-6424
Use-after-free vulnerability in ESET Linux products potentially allowed an attacker to trigger kernel panic on the system
UNKNOWN??????????NVD2 hours ago