category_cve - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
MEDIUM 6.5	CVE-2026-45436	WordPress WPBakery Page Builder plugin <= 8.7.2 - Broken Access Control vulnerability_CVE-2026-45436 Subscriber Broken Access Control in WPBakery Page Builder	Rain-Task Ltd.	WPBakery Page Builder n/a	Jun 17, 2026	CVE
HIGH 8.8	CVE-2026-42629	WordPress PowerPack Pro for Elementor plugin < v2.13.0 - Broken Authentication vulnerability_CVE-2026-42629 Unauthenticated Broken Authentication in PowerPack Pro for Elementor < v2.13.0 versions.	Powerpackelements	PowerPack Pro for Elementor n/a	Jun 17, 2026	CVE
HIGH 7.1	CVE-2026-42385	WordPress Profile Builder Pro plugin <= 3.15.0 - Cross Site Scripting (XSS) vulnerability_CVE-2026-42385 Unauthenticated Cross Site Scripting (XSS) in Profile Builder Pro	Cozmoslabs	Profile Builder Pro n/a	Jun 17, 2026	CVE
CRITICAL 9.8	CVE-2026-42380	WordPress AI Lab theme < 5.4.2 - PHP Object Injection vulnerability_CVE-2026-42380 Unauthenticated PHP Object Injection in AI Lab < 5.4.2 versions.	jwsthemes	AI Lab n/a	Jun 17, 2026	CVE
HIGH 7.1	CVE-2026-41557	WordPress Kapee theme < 1.7.1 - Cross Site Scripting (XSS) vulnerability_CVE-2026-41557 Unauthenticated Cross Site Scripting (XSS) in Kapee < 1.7.1 versions.	PressLayouts	Kapee n/a	Jun 17, 2026	CVE
CRITICAL 9.9	CVE-2026-40783	WordPress Blocksy Companion Pro plugin <= 2.1.37 - Remote Code Execution (RCE) vulnerability_CVE-2026-40783 Contributor Remote Code Execution (RCE) in Blocksy Companion Pro	Creative Themes	Blocksy Companion Pro n/a	Jun 17, 2026	CVE
HIGH 7.3	CVE-2026-40768	WordPress Salon booking system plugin <= 10.30.24 - Insecure Direct Object References (IDOR) vulnerability_CVE-2026-40768 Unauthenticated Insecure Direct Object References (IDOR) in Salon booking system	Dimitri Grassi	Salon booking system n/a	Jun 17, 2026	CVE
HIGH 7.1	CVE-2026-40765	WordPress collectchat plugin <= 2.4.9 - Cross Site Scripting (XSS) vulnerability_CVE-2026-40765 Unauthenticated Cross Site Scripting (XSS) in collectchat	collectchat	collectchat n/a	Jun 17, 2026	CVE
HIGH 8.1	CVE-2026-40753	WordPress EasyMeals theme <= 1.5.1 - PHP Object Injection vulnerability_CVE-2026-40753 Unauthenticated PHP Object Injection in EasyMeals	Mikado-Themes	EasyMeals n/a	Jun 17, 2026	CVE
CRITICAL 9.9	CVE-2026-40749	WordPress Charity Zone theme <= 1.1.1 - Arbitrary File Upload vulnerability_CVE-2026-40749 Subscriber Arbitrary File Upload in Charity Zone	themagnifico52	Charity Zone n/a	Jun 17, 2026	CVE