MEDIUM - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
MEDIUM 6.5	CVE-2026-57334	WordPress WP User Frontend plugin <= 4.3.7 - Broken Access Control vulnerability_CVE-2026-57334 Unauthenticated Broken Access Control in WP User Frontend	weDevs	WP User Frontend n/a	Jun 29, 2026	CVE
MEDIUM 6.5	CVE-2026-57330	WordPress MasterStudy LMS plugin <= 3.7.27 - Cross Site Scripting (XSS) vulnerability_CVE-2026-57330 Subscriber Cross Site Scripting (XSS) in MasterStudy LMS	Stylemix	MasterStudy LMS n/a	Jun 29, 2026	CVE
MEDIUM 6.5	CVE-2026-57329	WordPress WooCommerce Designer Pro plugin <= 1.9.34 - Cross Site Scripting (XSS) vulnerability_CVE-2026-57329 Subscriber Cross Site Scripting (XSS) in WooCommerce Designer Pro	WOOCOMMERCE DESIGNER PRO	WooCommerce Designer Pro n/a	Jun 29, 2026	CVE
MEDIUM 6.5	CVE-2026-57328	WordPress Business Directory plugin <= 6.4.22 - Cross Site Scripting (XSS) vulnerability_CVE-2026-57328 Subscriber Cross Site Scripting (XSS) in Business Directory	Strategy11 Team	Business Directory n/a	Jun 29, 2026	CVE
MEDIUM 6.3	CVE-2026-57327	WordPress MainWP plugin <= 6.1.1 - Broken Access Control vulnerability_CVE-2026-57327 Subscriber Broken Access Control in MainWP	mainwp	MainWP n/a	Jun 29, 2026	CVE
MEDIUM 6.5	CVE-2026-57326	WordPress Business Directory plugin <= 6.4.22 - Cross Site Scripting (XSS) vulnerability_CVE-2026-57326 Unauthenticated Cross Site Scripting (XSS) in Business Directory	Strategy11 Team	Business Directory n/a	Jun 29, 2026	CVE
MEDIUM 4.4	CVE-2026-46406	Claude Code: Insecure Temporary File in /copy Command Enables Response Disclosure and Symlink-Based File Write_CVE-2026-46406 Claude Code is an agentic coding tool. From 2.1.59 until 2.1.128, the Claude Code /copy command wrote responses to a hardcoded, predictable path (...	anthropics	claude-code >= 2.1.59, < 2.1.128	Jun 29, 2026	CVE
MEDIUM 5.3	CVE-2026-13579	itsourcecode Hospital Management System patientchangepassword.php sql injection_CVE-2026-13579 A weakness has been identified in itsourcecode Hospital Management System 1.0. Affected by this issue is some unknown functionality of the file /pa...	itsourcecode	Hospital Management System 1.0	Jun 29, 2026	CVE
MEDIUM 5.3	CVE-2026-13578	itsourcecode Hospital Management System patientdetail.php sql injection_CVE-2026-13578 A security flaw has been discovered in itsourcecode Hospital Management System 1.0. Affected by this vulnerability is an unknown functionality of t...	itsourcecode	Hospital Management System 1.0	Jun 29, 2026	CVE
MEDIUM 4.8	CVE-2026-13574	llvm llvm-project Bitcode File IntrinsicInst.cpp getBasePtr heap-based overflow_CVE-2026-13574 A vulnerability was determined in llvm llvm-project up to 22.1.6. This impacts the function GCRelocateInst::getBasePtr in the library llvm/lib/IR/I...	llvm	llvm-project 22.1.0	Jun 29, 2026	CVE