HIGH - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
HIGH 8.5	CVE-2025-52820	WordPress WooCommerce Point Of Sale (POS) <= 1.4 - SQL Injection Vulnerability_CVE-2025-52820 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in infosoftplugin WooCommerce Point Of Sale (POS...	infosoftplugin	WooCommerce Point Of Sale (POS) n/a	Aug 14, 2025	CVE
HIGH 7.5	CVE-2025-52806	WordPress JobSearch Plugin <= 2.9.0 - Local File Inclusion Vulnerability_CVE-2025-52806 Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in eyecix JobSearch allows PH...	eyecix	JobSearch n/a	Aug 14, 2025	CVE
HIGH 7.3	CVE-2025-52801	WordPress TheBooking Plugin <= 1.4.4 - Broken Access Control Vulnerability_CVE-2025-52801 Missing Authorization vulnerability in VonStroheim TheBooking allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects T...	VonStroheim	TheBooking n/a	Aug 14, 2025	CVE
HIGH 7.3	CVE-2025-52800	WordPress The E-Commerce ERP <= 2.1.1.3 - Broken Access Control Vulnerability_CVE-2025-52800 Missing Authorization vulnerability in Unity Business Technology Pty Ltd The E-Commerce ERP allows Accessing Functionality Not Properly Constrained...	Unity Business Technology Pty Ltd	The E-Commerce ERP n/a	Aug 14, 2025	CVE
HIGH 7.1	CVE-2025-52788	WordPress CaptionPix <= 1.8 - Cross Site Scripting (XSS) Vulnerability_CVE-2025-52788 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Russell Jamieson CaptionPix allows Reflected ...	Russell Jamieson	CaptionPix n/a	Aug 14, 2025	CVE
HIGH 7.1	CVE-2025-52785	WordPress SMM API Plugin <= 6.0.30 - Broken Access Control Vulnerability_CVE-2025-52785 Missing Authorization vulnerability in softnwords SMM API allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affec...	softnwords	SMM API n/a	Aug 14, 2025	CVE
HIGH 7.1	CVE-2025-52775	WordPress Project Cost Calculator Plugin <= 1.0.0 - Broken Access Control Vulnerability_CVE-2025-52775 Missing Authorization vulnerability in Ronik@UnlimitedWP Project Cost Calculator allows Exploiting Incorrectly Configured Access Control Security L...	Ronik@UnlimitedWP	Project Cost Calculator n/a	Aug 14, 2025	CVE
HIGH 8.8	CVE-2025-52732	WordPress Google Map Targeting Plugin <= 1.1.6 - Local File Inclusion Vulnerability_CVE-2025-52732 Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in RealMag777 Google Map Targ...	RealMag777	Google Map Targeting n/a	Aug 14, 2025	CVE
HIGH 7.5	CVE-2025-52731	WordPress WordPress Event Manager, Event Calendar and Booking Plugin Plugin <= 4.0.24 - Arbitrary Content Deletion Vulnerability_CVE-2025-52731 Missing Authorization vulnerability in themefunction WordPress Event Manager, Event Calendar and Booking Plugin allows Exploiting Incorrectly Confi...	themefunction	WordPress Event Manager, Event Calendar and Booking Plugin n/a	Aug 14, 2025	CVE
HIGH 7.5	CVE-2025-52728	WordPress Responsive Posts Carousel WordPress Plugin Plugin <= 15.0 - Local File Inclusion Vulnerability_CVE-2025-52728 Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in WebCodingPlace Responsive ...	WebCodingPlace	Responsive Posts Carousel WordPress Plugin n/a	Aug 14, 2025	CVE