Most Exploitable CVEs - EPSS Rankings
CVEs ranked by EPSS (Exploit Prediction Scoring System) probability. Higher scores mean a greater likelihood of exploitation in the wild within the next 30 days.
| Rank | CVE ID | EPSS Score | Percentile | CVSS | Flags | Summary |
|---|---|---|---|---|---|---|
| 9301 | CVE-2025-12379 | | 10.7th | 6.4 | | This stored XSS vulnerability in the Phlox theme's Shortcodes and extra features plugin allows authe |
| 9302 | CVE-2025-15475 | | 10.6th | 5.3 | | This vulnerability allows unauthenticated attackers to manipulate WooCommerce order statuses through |
| 9303 | CVE-2025-21047 | | 10.7th | 5.2 | | This vulnerability allows physical attackers with device access to use privileged KnoxGuard APIs due |
| 9304 | CVE-2025-14796 | | 10.7th | 6.4 | | The My Album Gallery WordPress plugin has a stored XSS vulnerability in image titles due to insuffic |
| 9305 | CVE-2025-12091 | | 10.9th | 4.3 | | This vulnerability allows authenticated WordPress users with Subscriber-level access or higher to de |
| 9306 | CVE-2025-40941 | | 10.8th | 4.3 | | SIMATIC CN 4100 devices expose server information in responses, allowing attackers with network acce |
| 9307 | CVE-2025-12005 | | 10.9th | 4.3 | | This vulnerability allows authenticated WordPress users with contributor-level permissions or higher |
| 9308 | CVE-2025-4166 | | 10.9th | 4.5 | | CVE-2025-4166 allows sensitive information exposure in Vault server and audit logs when users submit |
| 9309 | CVE-2026-24539 | | 10.8th | 5.3 | | This CVE describes a missing authorization vulnerability in the ABCdatos Protección de datos - RGPD |
| 9310 | CVE-2025-8793 | | 10.8th | 4.3 | | This vulnerability in LitmusChaos Litmus allows attackers to manipulate resource identifiers via the |
| 9311 | CVE-2025-63039 | | 10.9th | 6.5 | | This CVE describes a missing authorization vulnerability in the ListingPro WordPress theme that allo |
| 9312 | CVE-2026-0820 | | 10.7th | 5.3 | | This vulnerability allows authenticated WordPress users with Subscriber-level access or higher to up |
| 9313 | CVE-2026-24541 | | 10.8th | 5.3 | | This CVE describes a missing authorization vulnerability in the WordPress Download After Email plugi |
| 9314 | CVE-2025-13567 | | 11th | 6.3 | | CVE-2025-13567 is a SQL injection vulnerability in itsourcecode COVID Tracking System 1.0 that allow |
| 9315 | CVE-2025-6680 | | 11th | 4.3 | | The Tutor LMS WordPress plugin up to version 3.8.3 contains an access control vulnerability that all |
| 9316 | CVE-2025-12035 | | 10.8th | 6.5 | | An integer overflow vulnerability in the Bluetooth Host stack's bt_br_acl_recv routine allows attack |
| 9317 | CVE-2025-13568 | | 11th | 6.3 | | CVE-2025-13568 is a SQL injection vulnerability in itsourcecode COVID Tracking System 1.0 that allow |
| 9318 | CVE-2025-13569 | | 11th | 6.3 | | CVE-2025-13569 is an SQL injection vulnerability in itsourcecode COVID Tracking System 1.0 that allo |
| 9319 | CVE-2025-64494 | | 10.8th | 4.6 | | Soft Serve Git server versions before 0.10.0 fail to sanitize ANSI escape sequences in user-controll |
| 9320 | CVE-2025-13570 | | 11th | 6.3 | | This CVE describes a SQL injection vulnerability in the itsourcecode COVID Tracking System 1.0. Atta |
| 9321 | CVE-2025-24934 | | 10.9th | 5.4 | | This vulnerability allows spoofing attacks against applications using SO_REUSEPORT_LB sockets in Fre |
| 9322 | CVE-2026-24548 | | 10.8th | 5.3 | | This Server-Side Request Forgery (SSRF) vulnerability in the Prince Radio Player WordPress plugin al |
| 9323 | CVE-2025-13571 | | 11th | 6.3 | | This vulnerability allows remote attackers to execute SQL injection attacks against Simple Food Orde |
| 9324 | CVE-2026-0691 | | 10.7th | 4.4 | | This stored XSS vulnerability in the CM E-Mail Blacklist WordPress plugin allows authenticated admin |
| 9325 | CVE-2025-68917 | | 10.8th | 6.4 | | CVE-2025-68917 is a cross-site scripting (XSS) vulnerability in ONLYOFFICE Docs DocumentServer that |
| 9326 | CVE-2025-12800 | | 11th | 6.4 | | The WP Shortcodes Plugin – Shortcodes Ultimate for WordPress is vulnerable to Server-Side Request |
| 9327 | CVE-2025-14449 | | 10.8th | 6.4 | | The BA Book Everything WordPress plugin has a stored XSS vulnerability that allows authenticated att |
| 9328 | CVE-2025-12583 | | 10.8th | 6.4 | | The Simple Downloads List WordPress plugin has an authorization bypass vulnerability that allows aut |
| 9329 | CVE-2026-24904 | | 10.8th | 5.3 | | TrustTunnel VPN protocol versions before 0.9.115 have a rule bypass vulnerability where fragmented o |
| 9330 | CVE-2025-11748 | | 10.9th | 4.3 | | The Groups plugin for WordPress has an Insecure Direct Object Reference vulnerability that allows au |
| 9331 | CVE-2024-44630 | | 10.9th | 6.5 | | This CVE describes SQL injection vulnerabilities in multiple parameters of the register.php file in |
| 9332 | CVE-2025-13325 | | 11th | 6.3 | | CVE-2025-13325 is a SQL injection vulnerability in itsourcecode Student Information System 1.0 that |
| 9333 | CVE-2025-65239 | | 10.8th | 4.3 | | This vulnerability allows attackers with low-level privileges to read server logs via the /aux1/ocus |
| 9334 | CVE-2026-22849 | | 10.7th | 4.8 | | This stored cross-site scripting (XSS) vulnerability in Saleor e-commerce platform allows malicious |
| 9335 | CVE-2025-11972 | | 10.8th | 4.9 | | This SQL injection vulnerability in the TaxoPress WordPress plugin allows authenticated attackers wi |
| 9336 | CVE-2024-44632 | | 10.9th | 6.5 | | PHPGurukul Student Record System 3.20 contains SQL injection vulnerabilities in the password recover |
| 9337 | CVE-2026-24556 | | 10.8th | 5.3 | | This CVE describes a Missing Authorization vulnerability in the ElementCamp WordPress plugin that al |
| 9338 | CVE-2024-44633 | | 10.9th | 6.5 | | This vulnerability allows attackers to execute arbitrary SQL commands via the currentpassword parame |
| 9339 | CVE-2025-8315 | | 10.6th | 6.4 | | The WP Easy Contact WordPress plugin has a stored XSS vulnerability in the 'noaccess_msg' parameter |
| 9340 | CVE-2026-22445 | | 10.8th | 5.3 | | This CVE describes a missing authorization vulnerability in the Apimo Connector WordPress plugin tha |
| 9341 | CVE-2025-15058 | | 10.8th | 6.4 | | This vulnerability allows authenticated WordPress users with Contributor-level access or higher to i |
| 9342 | CVE-2026-0725 | | 10.7th | 4.4 | | This stored XSS vulnerability in the Integrate Dynamics 365 CRM WordPress plugin allows authenticate |
| 9343 | CVE-2024-44639 | | 10.9th | 6.5 | | PHPGurukul Student Record System 3.20 contains SQL injection vulnerabilities in the add-subject.php |
| 9344 | CVE-2025-51691 | | 10.8th | 6.1 | | A Cross-Site Scripting (XSS) vulnerability in MarkTwo Markdown Editor allows attackers to inject mal |
| 9345 | CVE-2026-22458 | | 10.8th | 5.3 | | This CVE describes a Missing Authorization vulnerability in the Mikado-Themes Wanderland WordPress t |
| 9346 | CVE-2024-44640 | | 10.9th | 6.5 | | CVE-2024-44640 is an SQL injection vulnerability in PHPGurukul Student Record System that allows att |
| 9347 | CVE-2026-22461 | | 10.8th | 5.3 | | This CVE describes a Missing Authorization vulnerability in the WebAppick CTX Feed plugin for WooCom |
| 9348 | CVE-2024-55016 | | 10.9th | 6.5 | | This SQL injection vulnerability in PHPGurukul Student Record Management System allows attackers to |
| 9349 | CVE-2025-64210 | | 11th | 5.4 | | This CVE describes a missing authorization vulnerability in the Masterstudy Elementor Widgets WordPr |
| 9350 | CVE-2025-13581 | | 11th | 6.3 | | CVE-2025-13581 is an SQL injection vulnerability in itsourcecode Student Information System 1.0 that |
What is EPSS?
The Exploit Prediction Scoring System (EPSS) is a data-driven model developed by FIRST.org that estimates the probability that a CVE will be exploited in the wild within the next 30 days. Unlike CVSS, which measures severity, EPSS measures the likelihood of exploitation, which makes it well suited to prioritizing which vulnerabilities to patch first.
Why EPSS matters: With thousands of CVEs published monthly, not all vulnerabilities are equally dangerous. EPSS helps security teams focus on the CVEs most likely to be actively exploited, rather than patching solely by CVSS score. A vulnerability rated CVSS 9.8 (critical) with a 0.1% EPSS score may be less urgent than one rated CVSS 7.5 (high) with a 90% EPSS score.