category_cve - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
HIGH 7.5	CVE-2026-40721	WordPress Element Pack Pro plugin <= 9.0.6 - Local File Inclusion vulnerability_CVE-2026-40721 Contributor Local File Inclusion in Element Pack Pro	BdThemes	Element Pack Pro n/a	Jun 17, 2026	CVE
HIGH 7.1	CVE-2026-39597	WordPress WPZOOM Addons for Elementor plugin <= 1.3.4 - Reflected Cross Site Scripting (XSS) vulnerability_CVE-2026-39597 Unauthenticated Cross Site Scripting (XSS) in WPZOOM Addons for Elementor	WPZOOM	WPZOOM Addons for Elementor n/a	Jun 17, 2026	CVE
CRITICAL 9.3	CVE-2026-39596	WordPress Blocksy Companion Pro plugin < 2.1.29 - SQL Injection vulnerability_CVE-2026-39596 Unauthenticated SQL Injection in Blocksy Companion Pro < 2.1.29 versions.	Creative Themes	Blocksy Companion Pro n/a	Jun 17, 2026	CVE
MEDIUM 4.7	CVE-2026-39595	WordPress W3 Total Cache plugin <= 2.9.1 - Broken Access Control vulnerability_CVE-2026-39595 Author Broken Access Control in W3 Total Cache	BoldGrid	W3 Total Cache n/a	Jun 17, 2026	CVE
CRITICAL 9.9	CVE-2026-39589	WordPress Webenvo theme <= 0.0.6 - Arbitrary File Upload vulnerability_CVE-2026-39589 Subscriber Arbitrary File Upload in Webenvo	A WP Life	Webenvo n/a	Jun 17, 2026	CVE
HIGH 8.1	CVE-2026-39582	WordPress Hitek theme < 1.8.3 - Local File Inclusion vulnerability_CVE-2026-39582 Unauthenticated Local File Inclusion in Hitek < 1.8.3 versions.	xtemos	Hitek n/a	Jun 17, 2026	CVE
HIGH 8.1	CVE-2026-39573	WordPress Mildhill theme <= 1.5 - PHP Object Injection vulnerability_CVE-2026-39573 Unauthenticated PHP Object Injection in Mildhill	Select-Themes	Mildhill n/a	Jun 17, 2026	CVE
HIGH 8.1	CVE-2026-39558	WordPress Malmö theme <= 2.2 - Local File Inclusion vulnerability_CVE-2026-39558 Unauthenticated Local File Inclusion in Malmö	Elated-Themes	Malmö n/a	Jun 17, 2026	CVE
HIGH 7.6	CVE-2026-39546	WordPress MultiLoca plugin <= 4.2.15 - Privilege Escalation vulnerability_CVE-2026-39546 Subscriber Privilege Escalation in MultiLoca	Techspawn	MultiLoca n/a	Jun 17, 2026	CVE
HIGH 8.1	CVE-2026-39545	WordPress Zermatt theme <= 1.6.1 - PHP Object Injection vulnerability_CVE-2026-39545 Unauthenticated PHP Object Injection in Zermatt	Select-Themes	Zermatt n/a	Jun 17, 2026	CVE