category_cve - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
CRITICAL 9.8	CVE-2026-54806	WordPress WP Activity Log plugin <= 5.6.3.1 - PHP Object Injection vulnerability_CVE-2026-54806 Unauthenticated PHP Object Injection in WP Activity Log	Melapress	WP Activity Log n/a	Jun 17, 2026	CVE
HIGH 8.8	CVE-2026-54805	WordPress Falang multilanguage plugin <= 1.4.2 - Privilege Escalation vulnerability_CVE-2026-54805 Subscriber Privilege Escalation in Falang multilanguage	sbouey	Falang multilanguage n/a	Jun 17, 2026	CVE
HIGH 7.6	CVE-2026-54804	WordPress Melhor Envio plugin <= 2.16.3 - Broken Authentication vulnerability_CVE-2026-54804 Subscriber Broken Authentication in Melhor Envio	melhorenvio	Melhor Envio n/a	Jun 17, 2026	CVE
CRITICAL 9.8	CVE-2026-54803	WordPress SMS Alert Order Notifications plugin <= 3.9.4 - Privilege Escalation vulnerability_CVE-2026-54803 Subscriber Privilege Escalation in SMS Alert Order Notifications	Cozy Vision Technologies Pvt. Ltd.	SMS Alert Order Notifications n/a	Jun 17, 2026	CVE
HIGH 7.5	CVE-2026-54802	WordPress SMS Alert Order Notifications plugin <= 3.9.3 - Broken Authentication vulnerability_CVE-2026-54802 Unauthenticated Broken Authentication in SMS Alert Order Notifications	Cozy Vision Technologies Pvt. Ltd.	SMS Alert Order Notifications n/a	Jun 17, 2026	CVE
MEDIUM 6.8	CVE-2026-54196	WordPress JetFormBuilder plugin <= 3.6.1 - Privilege Escalation vulnerability_CVE-2026-54196 Subscriber Privilege Escalation in JetFormBuilder	Jetmonsters	JetFormBuilder n/a	Jun 17, 2026	CVE
HIGH 7.1	CVE-2026-54195	WordPress JetFormBuilder plugin <= 3.6.0.1 - Cross Site Scripting (XSS) vulnerability_CVE-2026-54195 Unauthenticated Cross Site Scripting (XSS) in JetFormBuilder	Jetmonsters	JetFormBuilder n/a	Jun 17, 2026	CVE
HIGH 7.1	CVE-2026-54192	WordPress Popup box plugin <= 6.2.9 - Reflected Cross Site Scripting (XSS) vulnerability_CVE-2026-54192 Unauthenticated Cross Site Scripting (XSS) in Popup box	Ays Pro	Popup box n/a	Jun 17, 2026	CVE
HIGH 7.1	CVE-2026-54189	WordPress JetEngine plugin <= 3.8.10 - Cross Site Scripting (XSS) vulnerability_CVE-2026-54189 Unauthenticated Cross Site Scripting (XSS) in JetEngine	Jetimpex Inc.	JetEngine n/a	Jun 17, 2026	CVE
HIGH 7.1	CVE-2026-54188	WordPress JetEngine plugin <= 3.8.10 - Cross Site Scripting (XSS) vulnerability_CVE-2026-54188 Unauthenticated Cross Site Scripting (XSS) in JetEngine	Jetimpex Inc.	JetEngine n/a	Jun 17, 2026	CVE