Vulnerability - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
HIGH 8.8	CVE-2025-59563	WordPress Sonaar theme <= 4.27.4 - Privilege Escalation vulnerability_CVE-2025-59563 Subscriber Privilege Escalation in Sonaar	SONAAR MUSIC	Sonaar n/a	Jun 17, 2026	CVE
HIGH 7.1	CVE-2025-59560	WordPress Sonaar theme <= 4.27.4 - Cross Site Scripting (XSS) vulnerability_CVE-2025-59560 Unauthenticated Cross Site Scripting (XSS) in Sonaar	SONAAR MUSIC	Sonaar n/a	Jun 17, 2026	CVE
HIGH 8.1	CVE-2025-58954	WordPress HomeRoofer theme <= 2.11.0 - Local File Inclusion vulnerability_CVE-2025-58954 Unauthenticated Local File Inclusion in HomeRoofer	ThemeREX	HomeRoofer n/a	Jun 17, 2026	CVE
HIGH 8.1	CVE-2025-58953	WordPress Joly theme <= 1.22.0 - Local File Inclusion vulnerability_CVE-2025-58953 Unauthenticated Local File Inclusion in Joly	ThemeREX	Joly n/a	Jun 17, 2026	CVE
HIGH 8.1	CVE-2025-58952	WordPress Neuronet theme < 1.14.0 - Local File Inclusion vulnerability_CVE-2025-58952 Unauthenticated Local File Inclusion in Neuronet < 1.14.0 versions.	ThemeREX	Neuronet n/a	Jun 17, 2026	CVE
HIGH 7.5	CVE-2025-49403	WordPress Premium Age Verification / Restriction for WordPress Plugin <= 3.0.2 - Arbitrary File Download Vulnerability_CVE-2025-49403 Unauthenticated Arbitrary File Download in Premium Age Verification / Restriction for WordPress	AA-Team	Premium Age Verification / Restriction for WordPress n/a	Jun 17, 2026	CVE
NONE	THN:1189634A854...	The Top 10 Attack Surface Exposures in 2026_THN:1189634A85494EE84689C077E832C081 ![](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiM2DfFAWIuQ6v6hyh32CXcT_wKU72aTUxixyWIcnjW04ydv40r8RtVXjDrxKJzksW6zzqYciPMxgYAwcDGRz...	N/A	N/A	Jun 17, 2026	THN
NONE	HACKREAD:BA1BF8...	15 Malicious JetBrains Plugins Caught Stealing DeepSeek, OpenAI API Keys_HACKREAD:BA1BF8766F7EE3896A4C1156AAD8A007 Hackers are using 15 malicious JetBrains plugins posing as AI coding assistants to steal DeepSeek, OpenAI, and other developer API keys.	N/A	N/A	Jun 17, 2026	HACKREAD
NONE	THN:ECC0D33C2B0...	Malicious JetBrains Plugins Steal AI API Keys as Chrome Extensions Capture Chatbot Chats_THN:ECC0D33C2B0BB24AF000E39A12422CF1 ![](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg2aRb82ydrk_lAXr6Yy-GmrPfQSaIuCNYTtB8dFm02DZWhJVj3bmjB3WLhWDUtiFmrGC3lHdeLfA2NtC6oHK...	N/A	N/A	Jun 17, 2026	THN
NONE	F14573CA-380C-	Exploit-Development_F14573CA-380C-5507-9F9E-DF1EF3185923 Exploit Development What does this repository Contain? This repository contains a collection of CVE research, patch diff analysis, reverse engineer...	N/A	N/A	Jun 17, 2026	GITHUBEXPLOIT