category_cve - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
CRITICAL 9.9	CVE-2026-27041	WordPress Unlimited Elements for Elementor (Premium) plugin <= 2.0.6 - Arbitrary File Upload vulnerability_CVE-2026-27041 Contributor Arbitrary File Upload in Unlimited Elements for Elementor (Premium)	Studio Keren Aga LTD.	Unlimited Elements for Elementor (Premium) n/a	Jun 17, 2026	CVE
CRITICAL 9.9	CVE-2026-25446	WordPress WishList Member X plugin <= 3.29.0 - Arbitrary File Upload vulnerability_CVE-2026-25446 Subscriber Arbitrary File Upload in WishList Member X	WishList Products, LLC.	WishList Member X n/a	Jun 17, 2026	CVE
HIGH 8.1	CVE-2026-25439	WordPress Booknetic plugin <= 4.8.5 - Account Takeover vulnerability_CVE-2026-25439 Unauthenticated Broken Authentication in Booknetic	fs-code	Booknetic n/a	Jun 17, 2026	CVE
CRITICAL 9.1	CVE-2026-24611	WordPress MetForm Pro plugin <= 3.9.1 - Broken Access Control vulnerability_CVE-2026-24611 Unauthenticated Broken Access Control in MetForm Pro	WPMet	MetForm Pro n/a	Jun 17, 2026	CVE
MEDIUM 4.3	CVE-2026-24610	WordPress MetForm Pro plugin <= 3.9.1 - Broken Access Control vulnerability_CVE-2026-24610 Subscriber Broken Access Control in MetForm Pro	WPMet	MetForm Pro n/a	Jun 17, 2026	CVE
MEDIUM 4.3	CVE-2026-24575	WordPress WishList Member X plugin <= 3.29.0 - Broken Access Control vulnerability_CVE-2026-24575 Subscriber Broken Access Control in WishList Member X	WishList Member	WishList Member X n/a	Jun 17, 2026	CVE
HIGH 8.6	CVE-2026-22343	WordPress WordPress Dating Theme theme <= 11.2.0 - Broken Access Control vulnerability_CVE-2026-22343 Unauthenticated Broken Access Control in WordPress Dating Theme	PremiumPress Limited.	WordPress Dating Theme n/a	Jun 17, 2026	CVE
HIGH 8.8	CVE-2026-22342	WordPress WordPress Dating Theme theme <= 11.2.0 - Cross Site Request Forgery (CSRF) to Account Takeover vulnerability_CVE-2026-22342 Unauthenticated Cross Site Request Forgery (CSRF) in WordPress Dating Theme	PremiumPress Limited.	WordPress Dating Theme n/a	Jun 17, 2026	CVE
CRITICAL 9.3	CVE-2026-22340	WordPress WPJobster theme <= 6.3.5 - SQL Injection vulnerability_CVE-2026-22340 Unauthenticated SQL Injection in WPJobster	Jobster Marketplace	WPJobster n/a	Jun 17, 2026	CVE
HIGH 7.1	CVE-2026-22339	WordPress WPJobster theme <= 6.3.5 - Reflected Cross Site Scripting (XSS) vulnerability_CVE-2026-22339 Unauthenticated Cross Site Scripting (XSS) in WPJobster	Jobster Marketplace	WPJobster n/a	Jun 17, 2026	CVE