category_cve - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
MEDIUM 4.3	CVE-2026-57648	WordPress Nelio Content plugin <= 4.3.4 - Broken Access Control vulnerability_CVE-2026-57648 Contributor Broken Access Control in Nelio Content	Nelio Software	Nelio Content n/a	Jun 26, 2026	CVE
HIGH 7.5	CVE-2026-57647	WordPress Panorama Viewer – 360 Degree Image + Video Viewer plugin <= 1.6.1 - Local File Inclusion vulnerability_CVE-2026-57647 Contributor Local File Inclusion in Panorama Viewer – 360 Degree Image + Video Viewer	bPlugins	Panorama Viewer – 360 Degree Image + Video Viewer n/a	Jun 26, 2026	CVE
MEDIUM 5.4	CVE-2026-57646	WordPress Majestic Support plugin <= 1.1.7 - Insecure Direct Object References (IDOR) vulnerability_CVE-2026-57646 Subscriber Insecure Direct Object References (IDOR) in Majestic Support	Majestic Support	Majestic Support n/a	Jun 26, 2026	CVE
HIGH 8.1	CVE-2026-57645	WordPress Newsletters plugin <= 4.13 - Broken Access Control vulnerability_CVE-2026-57645 newsletters_subscribers Broken Access Control in Newsletters	Tribulant Software	Newsletters n/a	Jun 26, 2026	CVE
HIGH 8.5	CVE-2026-57644	WordPress Restaurant Menu by MotoPress plugin <= 2.4.10 - SQL Injection vulnerability_CVE-2026-57644 Contributor SQL Injection in Restaurant Menu by MotoPress	jetmonsters	Restaurant Menu by MotoPress n/a	Jun 26, 2026	CVE
HIGH 8.5	CVE-2026-57643	WordPress WP Post Author plugin <= 3.9.1 - SQL Injection vulnerability_CVE-2026-57643 Contributor SQL Injection in WP Post Author	AF themes	WP Post Author n/a	Jun 26, 2026	CVE
HIGH 8.5	CVE-2026-57642	WordPress Gallery plugin <= 4.7.8 - SQL Injection vulnerability_CVE-2026-57642 Contributor SQL Injection in Gallery	bestwebsoft	Gallery n/a	Jun 26, 2026	CVE
MEDIUM 6.5	CVE-2026-57641	WordPress Real Estate 7 theme <= 3.5.9 - Cross Site Request Forgery (CSRF) vulnerability_CVE-2026-57641 Unauthenticated Cross Site Request Forgery (CSRF) in Real Estate 7	Contempoinc	Real Estate 7 n/a	Jun 26, 2026	CVE
MEDIUM 4.3	CVE-2026-57640	WordPress MasterStudy LMS plugin <= 3.7.30 - Broken Access Control vulnerability_CVE-2026-57640 Subscriber Broken Access Control in MasterStudy LMS	Stylemix	MasterStudy LMS n/a	Jun 26, 2026	CVE
MEDIUM 6.5	CVE-2026-57638	WordPress Fluent Booking plugin <= 2.1.0 - Cross Site Scripting (XSS) vulnerability_CVE-2026-57638 Contributor Cross Site Scripting (XSS) in Fluent Booking	WPManageNinja LLC	Fluent Booking n/a	Jun 26, 2026	CVE