Recent Advisories

| Severity | ID | Title | Vendor | Product | Date | Type |
|---|---|---|---|---|---|---|
| HIGH 8.1 | CVE-2026-40731 | WordPress ChapterOne theme <= 1.7 - Local File Inclusion vulnerability. Unauthenticated Local File Inclusion in ChapterOne | Mikado-Themes | ChapterOne | n/a | CVE |
| HIGH 8.2 | CVE-2026-40726 | WordPress User Registration Stripe plugin <= 1.3.14 - Broken Access Control vulnerability. Unauthenticated Broken Access Control in User Registration Stripe | ThemeGrill | User Registration Stripe | n/a | CVE |
| CRITICAL 9.8 | CVE-2026-40725 | WordPress WooCommerce Product Filters plugin < 2.0.6 - PHP Object Injection vulnerability. Unauthenticated PHP Object Injection in WooCommerce Product Filters < 2.0.6 versions. | Barn2 Media Ltd | WooCommerce Product Filters | n/a | CVE |
| MEDIUM 6.5 | CVE-2026-40724 | WordPress Client Portal (Pro) plugin <= 5.6.2 - Arbitrary File Download vulnerability. CP Client Arbitrary File Download in Client Portal (Pro) | Client Portal Ltd. | Client Portal (Pro) | n/a | CVE |
| MEDIUM 4.3 | CVE-2026-40723 | WordPress Bricks Builder theme <= 2.1.4 - Broken Access Control vulnerability. Subscriber Broken Access Control in Bricks Builder | Bricks | Bricks Builder | n/a | CVE |
| HIGH 7.5 | CVE-2026-40721 | WordPress Element Pack Pro plugin <= 9.0.6 - Local File Inclusion vulnerability. Contributor Local File Inclusion in Element Pack Pro | BdThemes | Element Pack Pro | n/a | CVE |
| HIGH 7.1 | CVE-2026-39597 | WordPress WPZOOM Addons for Elementor plugin <= 1.3.4 - Reflected Cross Site Scripting (XSS) vulnerability. Unauthenticated Cross Site Scripting (XSS) in WPZOOM Addons for Elementor | WPZOOM | WPZOOM Addons for Elementor | n/a | CVE |
| CRITICAL 9.3 | CVE-2026-39596 | WordPress Blocksy Companion Pro plugin < 2.1.29 - SQL Injection vulnerability. Unauthenticated SQL Injection in Blocksy Companion Pro < 2.1.29 versions. | Creative Themes | Blocksy Companion Pro | n/a | CVE |
| MEDIUM 4.7 | CVE-2026-39595 | WordPress W3 Total Cache plugin <= 2.9.1 - Broken Access Control vulnerability. Author Broken Access Control in W3 Total Cache | BoldGrid | W3 Total Cache | n/a | CVE |
| CRITICAL 9.9 | CVE-2026-39589 | WordPress Webenvo theme <= 0.0.6 - Arbitrary File Upload vulnerability. Subscriber Arbitrary File Upload in Webenvo | A WP Life | Webenvo | n/a | CVE |