HIGH - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
HIGH 7.1	CVE-2026-42775	WordPress AutomatorWP plugin <= 5.7.2 - Cross Site Scripting (XSS) vulnerability_CVE-2026-42775 Unauthenticated Cross Site Scripting (XSS) in AutomatorWP	Ruben Garcia	AutomatorWP n/a	Jun 15, 2026	CVE
HIGH 8.1	CVE-2026-42687	WordPress EventPrime plugin <= 4.3.2.1 - PHP Object Injection vulnerability_CVE-2026-42687 Unauthenticated PHP Object Injection in EventPrime	EventPrime	EventPrime n/a	Jun 15, 2026	CVE
HIGH 7.1	CVE-2026-42686	WordPress EventPrime plugin <= 4.3.2.1 - Cross Site Scripting (XSS) vulnerability_CVE-2026-42686 Subscriber Cross Site Scripting (XSS) in EventPrime	EventPrime	EventPrime n/a	Jun 15, 2026	CVE
HIGH 7.5	CVE-2026-42668	WordPress Email Marketing for WooCommerce by Omnisend plugin <= 1.18.0 - Broken Authentication vulnerability_CVE-2026-42668 Unauthenticated Broken Authentication in Email Marketing for WooCommerce by Omnisend	Omnisend	Email Marketing for WooCommerce by Omnisend n/a	Jun 15, 2026	CVE
HIGH 7.5	CVE-2026-42667	WordPress Bookly plugin <= 27.4 - Sensitive Data Exposure vulnerability_CVE-2026-42667 Unauthenticated Sensitive Data Exposure in Bookly	Bookly	Bookly n/a	Jun 15, 2026	CVE
HIGH 7.5	CVE-2026-42666	WordPress Salon booking system plugin <= 10.30.25 - Broken Access Control vulnerability_CVE-2026-42666 Unauthenticated Broken Access Control in Salon booking system	Dimitri Grassi	Salon booking system n/a	Jun 15, 2026	CVE
HIGH 8.2	CVE-2026-42664	WordPress AI Product Search for WooCommerce – Motive Commerce Search plugin <= 1.38.2 - Broken Access Control vulnerability_CVE-2026-42664 Unauthenticated Broken Access Control in AI Product Search for WooCommerce – Motive Commerce Search	Motive Commerce Search	AI Product Search for WooCommerce – Motive Commerce Search n/a	Jun 15, 2026	CVE
HIGH 8.8	CVE-2026-42661	WordPress WP Customer Area plugin <= 8.3.4 - Path Traversal vulnerability_CVE-2026-42661 Custom role Path Traversal in WP Customer Area	aguilatechnologies	WP Customer Area n/a	Jun 15, 2026	CVE
HIGH 7.1	CVE-2026-42658	WordPress Classified Listing plugin <= 5.3.8 - Cross Site Scripting (XSS) vulnerability_CVE-2026-42658 Unauthenticated Cross Site Scripting (XSS) in Classified Listing	Mamunur Rashid	Classified Listing n/a	Jun 15, 2026	CVE
HIGH 7.5	CVE-2026-42655	WordPress Best Payments Plugin for WP plugin <= 4.6.19 - Payment Bypass vulnerability_CVE-2026-42655 Unauthenticated Bypass Vulnerability in Best Payments Plugin for WP	WPManageNinja	Best Payments Plugin for WP n/a	Jun 15, 2026	CVE