category_cve - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
HIGH 7.5	CVE-2026-54830	WordPress Five Star Restaurant Reservations plugin <= 2.7.19 - Broken Access Control vulnerability_CVE-2026-54830 Unauthenticated Broken Access Control in Five Star Restaurant Reservations	Etoile Web Design Incorporated	Five Star Restaurant Reservations n/a	Jun 25, 2026	CVE
HIGH 7.5	CVE-2026-54829	WordPress WP Photo Album Plus plugin <= 9.1.13.005 - SQL Injection vulnerability_CVE-2026-54829 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Jacob N. Breetvelt WP Photo Album Plus allows...	Jacob N. Breetvelt	WP Photo Album Plus n/a	Jun 25, 2026	CVE
HIGH 7.5	CVE-2026-54828	WordPress Motors plugin <= 1.4.109 - Broken Access Control vulnerability_CVE-2026-54828 Unauthenticated Broken Access Control in Motors	StylemixThemes	Motors n/a	Jun 25, 2026	CVE
CRITICAL 9.9	CVE-2026-54823	WordPress Widget Options plugin <= 4.2.3 - Remote Code Execution (RCE) vulnerability_CVE-2026-54823 Contributor Remote Code Execution (RCE) in Widget Options	MarketingFire	Widget Options n/a	Jun 25, 2026	CVE
HIGH 8.5	CVE-2026-54822	WordPress SALESmanago & Leadoo plugin <= 3.11.2 - SQL Injection vulnerability_CVE-2026-54822 Subscriber SQL Injection in SALESmanago & Leadoo	SALESmanago	SALESmanago & Leadoo n/a	Jun 25, 2026	CVE
HIGH 7.4	CVE-2026-54821	WordPress Visual Link Preview plugin <= 2.3.1 - Sensitive Data Exposure vulnerability_CVE-2026-54821 Subscriber Sensitive Data Exposure in Visual Link Preview	Bootstrapped Ventures	Visual Link Preview n/a	Jun 25, 2026	CVE
MEDIUM 5.9	CVE-2026-52690	Spoofed answers can mark an authoritative non-EDNS capable_CVE-2026-52690 Spoofing replies to Recursor might mark an IP of an authoritative server as not supporting EDNS, causing valdiation of DNSSEC records served by tha...	PowerDNS	Recursor 5.2.0	Jun 25, 2026	CVE
HIGH 7.1	CVE-2026-4526	Global ZCL command parser missing minimum-length validation in EmberZNet v9.0.2_CVE-2026-4526 In EmberZNet v9.0.2 and earlier, malformed global ZCL messages can trigger out-of-bounds reads in framework parsing logic and terminate the process...	Silicon Labs	EmberZNet	Jun 25, 2026	CVE
HIGH 7.2	CVE-2026-49506	CVE-2026-49506_CVE-2026-49506 Dell Wyse Management Suite, versions prior to WMS 5.5 HF1, contain an Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal'...	Dell	Wyse Management Suite	Jun 25, 2026	CVE
HIGH 7.1	CVE-2026-47154	Simple Metering GetProfileResponse interval-bounds bug in EmberZNet v9.0.2_CVE-2026-47154 In EmberZNet v9.0.2 and earlier, a malformed GetProfileResponse message can trigger out-of-bounds reads while iterating interval entries and termin...	Silicon Labs	EmberZNet	Jun 25, 2026	CVE