The SANS 25 list is a widely recognized AppSec benchmark. The vulnerabilities listed here are linked directly to their respective CWE origins. This means you can get an in-depth view into the vulnerability data (remediation costs, code samples, attack frequency, etc) just with a single click, something that can definitely assist with your remediation efforts.
Additional reading:
Continue to AppSec Standards & Benchmarks: PCI DSS