category_cve - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
LOW 3.7	CVE-2026-40011	Prometheus denial of service via crafted DNS queries_CVE-2026-40011 An attacker sending a large number of crafted DNS queries might be able to trigger a dynamic block being inserted with a value causing invalid outp...	PowerDNS	DNSdist 1.9.0	Jun 25, 2026	CVE
HIGH 7.5	CVE-2026-33612	ZoneToCache can poison the cache_CVE-2026-33612 A malicious authoritative server can send a crafted zone via the ZoneToCache function that leads to cache poisoning.	PowerDNS	Recursor 5.2.0	Jun 25, 2026	CVE
MEDIUM 6.5	CVE-2026-57619	WordPress Elementor Website Builder plugin <= 4.1.3 - Sensitive Data Exposure vulnerability_CVE-2026-57619 Contributor Sensitive Data Exposure in Elementor Website Builder	Elementor	Elementor Website Builder n/a	Jun 25, 2026	CVE
MEDIUM 6.5	CVE-2026-57429	WordPress Slim SEO plugin <= 4.6.2 - Broken Access Control vulnerability_CVE-2026-57429 Contributor Broken Access Control in Slim SEO	eLightUp	Slim SEO n/a	Jun 25, 2026	CVE
HIGH 8.7	CVE-2026-56122	Winstone Servlet Engine 0.9.10 Path Traversal via HTTP Request Paths_CVE-2026-56122 Winstone Servlet Engine through 0.9.10 contains a path traversal vulnerability that allows unauthenticated attackers to read arbitrary files by sen...	rickknowles	Winstone Servlet Container 0.9.10	Jun 25, 2026	CVE
HIGH 7.1	CVE-2026-56071	WordPress Forminator plugin <= 1.53.1 - Cross Site Scripting (XSS) vulnerability_CVE-2026-56071 Unauthenticated Cross Site Scripting (XSS) in Forminator	WPMU DEV	Forminator n/a	Jun 25, 2026	CVE
HIGH 7.7	CVE-2026-56054	WordPress JS Help Desk plugin <= 3.1.1 - Arbitrary File Deletion vulnerability_CVE-2026-56054 Subscriber Arbitrary File Deletion in JS Help Desk	Ahmad	JS Help Desk n/a	Jun 25, 2026	CVE
HIGH 8.8	CVE-2026-56053	WordPress EventPrime plugin <= 4.3.4.1 - PHP Object Injection vulnerability_CVE-2026-56053 Subscriber PHP Object Injection in EventPrime	EventPrime	EventPrime n/a	Jun 25, 2026	CVE
HIGH 7.1	CVE-2026-56051	WordPress TablePress plugin <= 3.3.1 - Reflected Cross Site Scripting (XSS) vulnerability_CVE-2026-56051 Unauthenticated Cross Site Scripting (XSS) in TablePress	TablePress	TablePress n/a	Jun 25, 2026	CVE
MEDIUM 6.5	CVE-2026-56050	WordPress PPOM for WooCommerce plugin <= 33.0.18 - Broken Access Control vulnerability_CVE-2026-56050 Improper Access Control vulnerability in Themeisle PPOM for WooCommerce allows Exploiting Incorrectly Configured Access Control Security Levels. T...	Themeisle	PPOM for WooCommerce n/a	Jun 25, 2026	CVE