HIGH - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
HIGH 8.1	CVE-2025-58954	WordPress HomeRoofer theme <= 2.11.0 - Local File Inclusion vulnerability_CVE-2025-58954 Unauthenticated Local File Inclusion in HomeRoofer	ThemeREX	HomeRoofer n/a	Jun 17, 2026	CVE
HIGH 8.1	CVE-2025-58953	WordPress Joly theme <= 1.22.0 - Local File Inclusion vulnerability_CVE-2025-58953 Unauthenticated Local File Inclusion in Joly	ThemeREX	Joly n/a	Jun 17, 2026	CVE
HIGH 8.1	CVE-2025-58952	WordPress Neuronet theme < 1.14.0 - Local File Inclusion vulnerability_CVE-2025-58952 Unauthenticated Local File Inclusion in Neuronet < 1.14.0 versions.	ThemeREX	Neuronet n/a	Jun 17, 2026	CVE
HIGH 7.5	CVE-2025-49403	WordPress Premium Age Verification / Restriction for WordPress Plugin <= 3.0.2 - Arbitrary File Download Vulnerability_CVE-2025-49403 Unauthenticated Arbitrary File Download in Premium Age Verification / Restriction for WordPress	AA-Team	Premium Age Verification / Restriction for WordPress n/a	Jun 17, 2026	CVE
HIGH 8.8	EC416CA3-37BE-	Exploit for CVE-2026-7654_EC416CA3-37BE-51FE-AC7A-41244A101E66 CVE-2026-7654 CVE-2026-7654 Admin Columns PHP Object Injection RCE Exploit...	N/A	N/A	Jun 17, 2026	GITHUBEXPLOIT
HIGH 8.8	7CF479F9-DCFD-	Exploit for CVE-2026-7465_7CF479F9-DCFD-55E9-ACB6-F0D34AD20631 -CVE-2026-7465 CVE-2026-7465 Spectra Gutenberg Blocks Authenticated RCE Exploit...	N/A	N/A	Jun 17, 2026	GITHUBEXPLOIT
HIGH 7.5	19A4481C-6D82-	Exploit for CVE-2026-7459_19A4481C-6D82-51BE-9CBD-2BBC039DC9FE CVE-2026-7459 CVE-2026-7459 Simple History Missing Authorization Account Takeover Exploit...	N/A	N/A	Jun 17, 2026	GITHUBEXPLOIT
HIGH 8.8	8B9B93FC-8C77-	Exploit for CVE-2026-5415_8B9B93FC-8C77-5E42-B472-87FA60C69926 CVE-2026-5415 CVE-2026-5415 WP Captcha PRO Authenticated Authentication Bypass Exploit...	N/A	N/A	Jun 17, 2026	GITHUBEXPLOIT
HIGH 7.5	64C268B8-DAA9-	Exploit for CVE-2026-49083_64C268B8-DAA9-5742-A8DC-477457B77A6F CVE-2026-49083 CVE-2026-49083 LatePoint Calendar Booking Plugin Privilege Escalation Exploit...	N/A	N/A	Jun 17, 2026	GITHUBEXPLOIT
HIGH 8.8	CVE-2026-12165	Contest Gallery <= 30.0.2 - Authenticated (Author+) Privilege Escalation via 'RegistryUserRole' Parameter_CVE-2026-12165 The Contest Gallery – Upload & Vote Photos, Media, Sell with PayPal & Stripe plugin for WordPress is vulnerable to Privilege Escalation in all vers...	contest-gallery	Contest Gallery – Upload & Vote Photos, Media, Sell with PayPal & Stripe	Jun 17, 2026	CVE