category_cve - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
MEDIUM 4.3	CVE-2026-10552	Blue Captcha <= 2.0.1 - Cross-Site Request Forgery via 'blcap_action' Parameter_CVE-2026-10552 The Blue Captcha plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to and including 2.0.1. This is due to missing or ...	jotis	Blue Captcha	Jun 24, 2026	CVE
HIGH 7.2	CVE-2026-10092	Cincopa video and media plug-in <= 1.163 - Unauthenticated Stored Cross-Site Scripting via cincopa Shortcode in Post Comments_CVE-2026-10092 The Cincopa video and media plug-in plugin for WordPress is vulnerable to Stored Cross-Site Scripting via cincopa Shortcode in Post Comments in all...	nicashmu	Cincopa video and media plug-in	Jun 24, 2026	CVE
HIGH 7.2	CVE-2026-10091	Email JavaScript Cloak <= 1.03 - Unauthenticated Stored Cross-Site Scripting_CVE-2026-10091 The Email JavaScript Cloak plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'email' shortcode in all versions up ...	cgarvey	Email JavaScript Cloak	Jun 24, 2026	CVE
HIGH 8.8	CVE-2026-7761	Ultimate Member <= 2.11.4 - Authenticated (Contributor+) Account Takeover via Password Reset Link Disclosure_CVE-2026-7761 The Ultimate Member plugin for WordPress is vulnerable to Account Takeover via Password Reset Link Disclosure in all versions up to and including 2...	ultimatemember	Ultimate Member – User Profile, Registration, Login, Member Directory, Content Restriction & Membership Plugin	Jun 24, 2026	CVE
HIGH 7.6	CVE-2026-56052	WordPress Funnel Builder by FunnelKit plugin <= 3.15.0.5 - SQL Injection vulnerability_CVE-2026-56052 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in FunnelKit Funnel Builder by FunnelKit allows ...	FunnelKit	Funnel Builder by FunnelKit n/a	Jun 24, 2026	CVE
MEDIUM 6.5	CVE-2026-9539	libslirp TCP URG OOB Read Information Leak_CVE-2026-9539 An out-of-bounds heap read and integer underflow in the TCP urgent data handling (sosendoob) in freedesktop.org libslirp version before v4.9.2 on h...	freedesktop.org	libslirp	Jun 24, 2026	CVE
CRITICAL 9.1	CVE-2026-12851	GeoVision GV-I/O Box 4E libNetSetObj.so OS command injection vulnerability_CVE-2026-12851 Multiple OS command injection vulnerabilities exist in the libNetSetObj.so functionality of GeoVision GV-I/O Box 4E 2.09. A specially crafted netwo...	GeoVision Inc.	GV-I/O Box 4E V2.09	Jun 24, 2026	CVE
CRITICAL 9.1	CVE-2026-12850	GeoVision GV-I/O Box 4E libNetSetObj.so OS command injection vulnerability_CVE-2026-12850 Multiple OS command injection vulnerabilities exist in the libNetSetObj.so functionality of GeoVision GV-I/O Box 4E 2.09. A specially crafted netwo...	GeoVision Inc.	GV-I/O Box 4E V2.09	Jun 24, 2026	CVE
CRITICAL 9.1	CVE-2026-12849	GeoVision GV-I/O Box 4E libNetSetObj.so OS command injection vulnerability_CVE-2026-12849 Multiple OS command injection vulnerabilities exist in the libNetSetObj.so functionality of GeoVision GV-I/O Box 4E 2.09. A specially crafted netwo...	GeoVision Inc.	GV-I/O Box 4E V2.09	Jun 24, 2026	CVE
CRITICAL 10	CVE-2026-12848	GeoVision GV-I/O Box DVRSearch buffer overflow vulnerabilities in CMD_IP_SET command_CVE-2026-12848 GV-I/O Box 4E is a smart embedded device with 4 input and 4 relays output that can be controlled over Ethernet and RS-485. DVRSearch is a service ...	GeoVision Inc.	GV-I/O Box 4E V2.09	Jun 24, 2026	CVE