Latest CVE Feed

CVE Intelligence

Vulnerabilities published in the last 30 days. Filter by severity, exploit status, or attack vector.

All Critical Actively Exploited Remotely Exploitable

Score

Vulnerability

Published

5.1 MEDIUM

CVE-2020-37217 — Easy2Pilot 7 Cross-Site Request Forgery via admin.php

Easy2Pilot 7 contains a cross-site request forgery vulnerability that allows attackers to add unauthorized user accounts by tricking authenticated administrators into visiting malicious pages. Attack…

Remote | Cross-Site Request Forgery

May 13, 2026 May 13, 2026

May 13, 2026

5.5 MEDIUM

CVE-2020-37174 — WOOF / Products Filter Professional for WooCommerce 1.2.3 Persistent XSS

WOOF Products Filter for WooCommerce 1.2.3 contains a persistent cross-site scripting vulnerability that allows authenticated attackers to inject malicious scripts by entering XSS payloads in design …

husky_-_products_filter_professional_for_woocommerce | Remote | Cross-Site Scripting

May 13, 2026 May 13, 2026

May 13, 2026

6.8 MEDIUM

CVE-2020-37169 — WordPress Plugin ultimate-member 2.1.3 Local File Inclusion

WordPress Plugin ultimate-member 2.1.3 contains a local file inclusion vulnerability that allows authenticated attackers to include arbitrary files by manipulating the pack parameter in class-admin-u…

ultimate_member | Path Traversal

May 13, 2026 May 13, 2026

May 13, 2026

9.8 CRITICAL

CVE-2020-37168 — Ecommerce Systempay 1.0 Production Key Brute Force

Ecommerce Systempay 1.0 contains a weak cryptographic implementation vulnerability that allows attackers to brute force the 16-character production secret key used for payment signature generation. A…

Remote | Cryptography

May 13, 2026 May 13, 2026

May 13, 2026

Showing 20 of 7044 Results

Browse by Apps

Latest CVE Feed

Cookie Preferences