HIGH - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
HIGH 8.6	CVE-2026-22343	WordPress WordPress Dating Theme theme <= 11.2.0 - Broken Access Control vulnerability_CVE-2026-22343 Unauthenticated Broken Access Control in WordPress Dating Theme	PremiumPress Limited.	WordPress Dating Theme n/a	Jun 17, 2026	CVE
HIGH 8.8	CVE-2026-22342	WordPress WordPress Dating Theme theme <= 11.2.0 - Cross Site Request Forgery (CSRF) to Account Takeover vulnerability_CVE-2026-22342 Unauthenticated Cross Site Request Forgery (CSRF) in WordPress Dating Theme	PremiumPress Limited.	WordPress Dating Theme n/a	Jun 17, 2026	CVE
HIGH 7.1	CVE-2026-22339	WordPress WPJobster theme <= 6.3.5 - Reflected Cross Site Scripting (XSS) vulnerability_CVE-2026-22339 Unauthenticated Cross Site Scripting (XSS) in WPJobster	Jobster Marketplace	WPJobster n/a	Jun 17, 2026	CVE
HIGH 8.1	CVE-2026-22338	WordPress EcoBlue theme <= 1.15 - Local File Inclusion vulnerability_CVE-2026-22338 Unauthenticated Local File Inclusion in EcoBlue	ThemeREX	EcoBlue n/a	Jun 17, 2026	CVE
HIGH 8.5	CVE-2026-22335	WordPress WooCommerce Frontend Manager – Ultimate plugin < 6.7.7 - SQL Injection vulnerability_CVE-2026-22335 Subscriber SQL Injection in WooCommerce Frontend Manager – Ultimate < 6.7.7 versions.	WC Lovers.	WooCommerce Frontend Manager – Ultimate n/a	Jun 17, 2026	CVE
HIGH 7.5	CVE-2026-22334	WordPress Woocommerce Book Price plugin <= 1.3 - Arbitrary File Download vulnerability_CVE-2026-22334 Subscriber Arbitrary File Download in Woocommerce Book Price	WPos	Woocommerce Book Price n/a	Jun 17, 2026	CVE
HIGH 8.1	CVE-2026-22331	WordPress AutoParts theme <= 1.5.8 - Local File Inclusion vulnerability_CVE-2026-22331 Unauthenticated Local File Inclusion in AutoParts	ThemeREX	AutoParts n/a	Jun 17, 2026	CVE
HIGH 8.1	CVE-2026-22330	WordPress Right Way theme <= 4.0 - Local File Inclusion vulnerability_CVE-2026-22330 Unauthenticated Local File Inclusion in Right Way	Themeum	Right Way n/a	Jun 17, 2026	CVE
HIGH 7.1	CVE-2026-22329	WordPress Skillate theme <= 1.2.10 - Reflected Cross Site Scripting (XSS) vulnerability_CVE-2026-22329 Unauthenticated Cross Site Scripting (XSS) in Skillate	Themeum	Skillate n/a	Jun 17, 2026	CVE
HIGH 7.1	CVE-2026-22328	WordPress Auto Repair theme <= 22.6 - Reflected Cross Site Scripting (XSS) vulnerability_CVE-2026-22328 Unauthenticated Cross Site Scripting (XSS) in Auto Repair	VamTam	Auto Repair n/a	Jun 17, 2026	CVE