HIGH - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
HIGH 7.1	CVE-2026-54191	WordPress Pods plugin <= 3.3.8 - Cross Site Scripting (XSS) vulnerability_CVE-2026-54191 Unauthenticated Cross Site Scripting (XSS) in Pods	Pods Framework	Pods n/a	Jun 16, 2026	CVE
HIGH 7.5	CVE-2026-52714	WordPress SEO Plugin by Squirrly SEO plugin <= 12.4.16 - Broken Access Control vulnerability_CVE-2026-52714 Unauthenticated Broken Access Control in SEO Plugin by Squirrly SEO	SEO Squirrly	SEO Plugin by Squirrly SEO n/a	Jun 16, 2026	CVE
HIGH 7.6	CVE-2026-52712	WordPress Attendance Manager plugin <= 0.6.2 - SQL Injection vulnerability_CVE-2026-52712 Subscriber SQL Injection in Attendance Manager	tnomi	Attendance Manager n/a	Jun 16, 2026	CVE
HIGH 7.5	CVE-2026-52711	WordPress WooCommerce POS plugin <= 1.8.14 - Broken Access Control vulnerability_CVE-2026-52711 Unauthenticated Broken Access Control in WooCommerce POS	kilbot	WooCommerce POS n/a	Jun 16, 2026	CVE
HIGH 8.5	CVE-2026-39581	WordPress WP Sessions Time Monitoring Full Automatic plugin <= 1.1.4 - SQL Injection vulnerability_CVE-2026-39581 Subscriber SQL Injection in WP Sessions Time Monitoring Full Automatic	activity-log.com	WP Sessions Time Monitoring Full Automatic n/a	Jun 16, 2026	CVE
HIGH 7.5	CVE-2026-39490	WordPress JupiterX Core plugin <= 4.14.1 - Broken Access Control vulnerability_CVE-2026-39490 Unauthenticated Broken Access Control in JupiterX Core	artbees	JupiterX Core n/a	Jun 16, 2026	CVE
HIGH 7.1	CVE-2026-39437	WordPress Min Max Step Quantity Limits Manager for WooCommerce plugin <= 5.2.2 - Reflected Cross Site Scripting (XSS) vulnerability_CVE-2026-39437 Unauthenticated Cross Site Scripting (XSS) in Min Max Step Quantity Limits Manager for WooCommerce	WPFactory	Min Max Step Quantity Limits Manager for WooCommerce n/a	Jun 16, 2026	CVE
HIGH 7.1	CVE-2026-10825	Improper JSON Input Validation in WebSocket API Leads to Denial of Service_CVE-2026-10825 A denial-of-service vulnerability exists in the WebSocket API due to insufficient validation and handling of JSON-based requests. A low-privileged ...	Moxa	NPort 6000-G2 Series 1.0	Jun 16, 2026	CVE
HIGH 7.5	CVE-2025-68045	WordPress WP Event SOlution plugin <= 4.1.12 - Broken Access Control vulnerability_CVE-2025-68045 Unauthenticated Broken Access Control in WP Event SOlution	Arraytics	WP Event SOlution n/a	Jun 16, 2026	CVE
HIGH 8.5	B1BB8CF9-0BFD-	Exploit for UNIX Symbolic Link Following in Litespeedtech Litespeed_Cpanel_Plugin_B1BB8CF9-0BFD-571E-8152-2D53A8245793 CVE-2026-54420 Mitigation Toolkit Defensive remediation, auditing, and verification toolkit for CVE-2026-54420 affecting LiteSpeed cPanel Plugin in...	N/A	N/A	Jun 16, 2026	GITHUBEXPLOIT