HIGH - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
HIGH 7.2	CVE-2026-42650	WordPress AutomatorWP plugin <= 5.6.7 - Cross Site Scripting (XSS) vulnerability_CVE-2026-42650 Unauthenticated Cross Site Scripting (XSS) in AutomatorWP	Ruben Garcia	AutomatorWP n/a	Jun 15, 2026	CVE
HIGH 7.1	CVE-2026-42649	WordPress Favicon Rotator plugin <= 1.2.11 - Cross Site Scripting (XSS) vulnerability_CVE-2026-42649 Unauthenticated Cross Site Scripting (XSS) in Favicon Rotator	Archetyped	Favicon Rotator n/a	Jun 15, 2026	CVE
HIGH 8.1	CVE-2026-42411	WordPress CloudSecure WP Security plugin <= 1.4.7 - Broken Authentication vulnerability_CVE-2026-42411 Unauthenticated Broken Authentication in CloudSecure WP Security	XServer	CloudSecure WP Security n/a	Jun 15, 2026	CVE
HIGH 7.5	CVE-2026-42384	WordPress Simply Schedule Appointments plugin < 1.6.11.2 - Sensitive Data Exposure vulnerability_CVE-2026-42384 Unauthenticated Sensitive Data Exposure in Simply Schedule Appointments < 1.6.11.2 versions.	NSquared	Simply Schedule Appointments n/a	Jun 15, 2026	CVE
HIGH 7.1	CVE-2026-40791	WordPress WP Time Slots Booking Form plugin <= 1.2.46 - Cross Site Scripting (XSS) vulnerability_CVE-2026-40791 Unauthenticated Cross Site Scripting (XSS) in WP Time Slots Booking Form	codepeople	WP Time Slots Booking Form n/a	Jun 15, 2026	CVE
HIGH 7.5	CVE-2026-40789	WordPress Amelia plugin <= 2.2 - Sensitive Data Exposure vulnerability_CVE-2026-40789 Unauthenticated Sensitive Data Exposure in Amelia	TMS	Amelia n/a	Jun 15, 2026	CVE
HIGH 7.1	CVE-2026-40788	WordPress ChatBot plugin <= 7.9.7 - Broken Access Control vulnerability_CVE-2026-40788 Subscriber Broken Access Control in ChatBot	QuantumCloud	ChatBot n/a	Jun 15, 2026	CVE
HIGH 7.1	CVE-2026-40787	WordPress Quiz And Survey Master plugin <= 11.0.0 - Cross Site Scripting (XSS) vulnerability_CVE-2026-40787 Unauthenticated Cross Site Scripting (XSS) in Quiz And Survey Master	ExpressTech	Quiz And Survey Master n/a	Jun 15, 2026	CVE
HIGH 7.1	CVE-2026-40785	WordPress AutomatorWP plugin <= 5.6.7 - Broken Authentication vulnerability_CVE-2026-40785 Subscriber Broken Authentication in AutomatorWP	Ruben Garcia	AutomatorWP n/a	Jun 15, 2026	CVE
HIGH 7.5	CVE-2026-40781	WordPress ReviewX plugin <= 2.3.6 - Broken Authentication vulnerability_CVE-2026-40781 Unauthenticated Broken Authentication in ReviewX	ReviewX	ReviewX n/a	Jun 15, 2026	CVE