category_cve - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
LOW 3.3	CVE-2026-8662	Path Traversal in Rapid7 InsightConnect Compression Plugin_CVE-2026-8662 Path Traversal vulnerability in the create_archive function of Rapid7 InsightConnect Compression Plugin on Linux allows authenticated attackers to ...	Rapid7	InsightConnect Compression Plugin	Jun 25, 2026	CVE
MEDIUM 6	CVE-2026-8658	OS Command Injection in Rapid7 InsightConnect Tcpdump Plugin_CVE-2026-8658 OS Command Injection vulnerability in Rapid7 InsightConnect Tcpdump Plugin on Linux allows authenticated attackers to execute arbitrary OS commands...	Rapid7	InsightConnect Tcpdump Plugin	Jun 25, 2026	CVE
MEDIUM 6.5	CVE-2026-2508	Gravity Forms Booking <= 2.7.1 - Authenticated (Subscriber+) Time-Based SQL Injection via 'staff_id'_CVE-2026-2508 The Gravity Forms Booking plugin for WordPress is vulnerable to time-based SQL Injection via the ‘staff_id’ parameter in all versions up to, and in...	GravityMore	Gravity Bookings	Jun 25, 2026	CVE
MEDIUM 6.5	CVE-2026-12079	Dokan Pro <= 5.0.4 - Authenticated (Subscriber+) SQL Injection via 'orderby' Parameter_CVE-2026-12079 The Dokan Pro plugin for WordPress is vulnerable to time-based SQL Injection via the ’orderby’ parameter in all versions up to, and including, 5.0....	wedevs	Dokan Pro	Jun 25, 2026	CVE
HIGH 7.5	CVE-2026-12077	Dokan Pro <= 5.0.4 - Unauthenticated SQL Injection via 'latitude' and 'longitude' Parameters_CVE-2026-12077 The Dokan Pro plugin for WordPress is vulnerable to time-based SQL Injection via the via 'latitude' and 'longitude' parameters in all versions up t...	wedevs	Dokan Pro	Jun 25, 2026	CVE
MEDIUM 6.4	CVE-2026-10833	Gutenberg Essential Blocks – Page Builder for Gutenberg Blocks & Patterns <= 6.1.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'configurablePrefix' Block Attribute_CVE-2026-10833 The Gutenberg Essential Blocks – Page Builder for Gutenberg Blocks & Patterns plugin for WordPress is vulnerable to Stored Cross-Site Scripting via...	wpdevteam	Gutenberg Essential Blocks – Page Builder for Gutenberg Blocks & Patterns	Jun 25, 2026	CVE
MEDIUM 6	CVE-2026-8663	OS Command Injection in Rapid7 InsightConnect RPM Plugin_CVE-2026-8663 OS Command Injection vulnerability in Rapid7 InsightConnect RPM Plugin on Linux allows authenticated attackers to execute arbitrary OS commands via...	Rapid7	InsightConnect RPM Plugin	Jun 24, 2026	CVE
MEDIUM 6	CVE-2026-8659	OS Command Injection in Rapid7 InsightConnect SQLmap Plugin_CVE-2026-8659 OS Command Injection vulnerability in Rapid7 InsightConnect SQLmap Plugin on Linux allows authenticated attackers to execute arbitrary OS commands ...	Rapid7	InsightConnect SQLmap Plugin	Jun 25, 2026	CVE
HIGH 8.8	CVE-2026-9155	OS Command Injection in Rapid7 InsightConnect Sed Plugin via expression parameter._CVE-2026-9155 OS Command Injection vulnerability in Rapid7 InsightConnect Sed Plugin on Linux allows authenticated attackers to execute arbitrary OS commands via...	Rapid7	InsightConnect Sed Plugin	Jun 25, 2026	CVE
HIGH 7.1	CVE-2026-9154	Arbitrary File Write in Rapid7 InsightConnect Sed Plugin_CVE-2026-9154 Arbitrary File Write vulnerability in Rapid7 InsightConnect Sed Plugin on Linux allows authenticated attackers to write attacker-controlled content...	Rapid7	InsightConnect Sed Plugin	Jun 25, 2026	CVE