CVE Watchtower

Advanced Threat Data Export

Filter and download the raw CVE repository (CSV/JSON) for SIEM integration and internal reporting.

Data export is locked. Upgrade your package to enable filtering and downloading.

πŸ”” Premium Features
πŸ” Filter Threats
Title
SeverityEPSS (30-Day)
PoCActively ExploitedSourceDate
CVE-2026-3655
The OTP Login With Phone Number, OTP Verification plugin for WordPress is vulnerable to authentication bypass in versions 1.8.50 through 1.8.60. This ...
CRITICALπŸ”’ LOCKED??????????NVD6 days ago
CVE-2025-11262
The Link Whisper Free plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the user_id parameter in all versions up to, and including...
HIGHπŸ”’ LOCKED??????????NVD6 days ago
CVE-2026-49196
The Wi-Fi device blocking feature fails to sanitize MAC address input, allowing injection and execution of arbitrary shell commands.
UNKNOWNπŸ”’ LOCKED??????????NVD6 days ago
CVE-2026-49195
Unauthenticated Debug Service. The /sbin/mtk_dut binary is exposed on TCP port 9000 without authentication, allowing any LAN-based attacker to execute...
UNKNOWNπŸ”’ LOCKED??????????NVD6 days ago
CVE-2026-49322
Weak authentication in the Wireless Control Module (WCM) of the Indian Motorcycle Scout Bobber + Tech 2025 model year allows an adjacent-network attac...
MEDIUMπŸ”’ LOCKED??????????NVD6 days ago
CVE-2026-9714
The Simple Divi Shortcode plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'id' parameter of the [showmodule] short...
MEDIUMπŸ”’ LOCKED??????????NVD6 days ago
CVE-2026-8732
The WP Maps Pro plugin for WordPress is vulnerable to Privilege Escalation via Administrator Account Creation in all versions up to, and including, 6....
CRITICALπŸ”’ LOCKED??????????NVD6 days ago
CVE-2026-6324
A flaw was found in libsoup. A remote attacker could exploit an unsigned to signed conversion error in the `soup_body_input_stream_read_chunked()` fun...
MEDIUMπŸ”’ LOCKED??????????NVD6 days ago
CVE-2026-6275
The StatCounter – Free Real Time Visitor Stats plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including, 2...
MEDIUMπŸ”’ LOCKED??????????NVD6 days ago
CVE-2025-14042
The Automotive Car Dealership Business WordPress Theme for WordPress is vulnerable to Stored Cross-Site Scripting via the 'Project Details' ...
MEDIUMπŸ”’ LOCKED??????????NVD6 days ago
CVE-2025-11993
The WooCommerce Infinite Scroll and Ajax Pagination plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 1...
HIGHπŸ”’ LOCKED??????????NVD6 days ago
CVE-2026-9493
Service Center developed by BankPro E-Service Technology has an Insecure Direct Object Reference vulnerability, allowing authenticated remote attacker...
MEDIUMπŸ”’ LOCKED??????????NVD6 days ago
CVE-2026-2128
The Breeze plugin for WordPress is vulnerable to Exposure of Sensitive Information to an Unauthorized Actor in all versions up to, and including, 2.5....
MEDIUMπŸ”’ LOCKED??????????NVD6 days ago
CVE-2026-8995
The Poll Maker – Versus Polls, Anonymous Polls, Image Polls plugin for WordPress is vulnerable to Sensitive Information Exposure in versions up to a...
MEDIUMπŸ”’ LOCKED??????????NVD6 days ago
CVE-2026-7430
The Post Snippets plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and including, 4.0.19. This is due to insuf...
MEDIUMπŸ”’ LOCKED??????????NVD6 days ago
CVE-2026-7480
An Incorrect Permission Assignment for Critical Resource vulnerability in ASUS System Control Interface allows a local user to elevate privileges to S...
UNKNOWNπŸ”’ LOCKED??????????NVD6 days ago
CVE-2026-8070
Incorrect permission assignment for a critical resource in Armoury Crate allows a local user to bypass the driver’s validation mechanism, resulting ...
UNKNOWNπŸ”’ LOCKED??????????NVD6 days ago
CVE-2026-6892
Improper handling of symbolic links in the installer of CUPS Printer Driver for macOS(*) may allow a local attacker with login privileges to exploit a...
MEDIUMπŸ”’ LOCKED??????????NVD6 days ago
CVE-2026-6891
Improper handling of symbolic links in the installer of My Image Garden for macOS Version 3.6.8 or earlier may allow a local attacker with login privi...
MEDIUMπŸ”’ LOCKED??????????NVD6 days ago
CVE-2026-9999
Inappropriate implementation in ANGLE in Google Chrome on Mac prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code inside a san...
HIGHπŸ”’ LOCKED??????????NVD6 days ago