HIGH - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
HIGH 8.8	CVE-2025-69138	WordPress Genemy theme <= 1.6.6 - Privilege Escalation vulnerability_CVE-2025-69138 Subscriber Privilege Escalation in Genemy	Jthemes	Genemy n/a	Jun 17, 2026	CVE
HIGH 8.5	CVE-2025-69135	WordPress Events Schedule – WordPress Events Calendar Plugin plugin <= 2.7.2 - SQL Injection vulnerability_CVE-2025-69135 Subscriber SQL Injection in Events Schedule - WordPress Events Calendar Plugin	CurlyThemes	Events Schedule - WordPress Events Calendar Plugin n/a	Jun 17, 2026	CVE
HIGH 8.1	CVE-2025-69117	WordPress Ingenioso theme <= 1.14.0 - Local File Inclusion vulnerability_CVE-2025-69117 Unauthenticated Local File Inclusion in Ingenioso	ThemeREX	Ingenioso n/a	Jun 17, 2026	CVE
HIGH 8.1	CVE-2025-69110	WordPress AirSupply theme <= 2.0.0 - Local File Inclusion vulnerability_CVE-2025-69110 Unauthenticated Local File Inclusion in AirSupply	ThemeREX	AirSupply n/a	Jun 17, 2026	CVE
HIGH 7.7	CVE-2025-60223	WordPress WPBot Pro WordPress Chatbot plugin <= 13.6.5 - Arbitrary File Deletion vulnerability_CVE-2025-60223 Subscriber Arbitrary File Deletion in WPBot Pro Wordpress Chatbot	QuantumCloud	WPBot Pro Wordpress Chatbot n/a	Jun 17, 2026	CVE
HIGH 8.8	CVE-2025-59563	WordPress Sonaar theme <= 4.27.4 - Privilege Escalation vulnerability_CVE-2025-59563 Subscriber Privilege Escalation in Sonaar	SONAAR MUSIC	Sonaar n/a	Jun 17, 2026	CVE
HIGH 7.1	CVE-2025-59560	WordPress Sonaar theme <= 4.27.4 - Cross Site Scripting (XSS) vulnerability_CVE-2025-59560 Unauthenticated Cross Site Scripting (XSS) in Sonaar	SONAAR MUSIC	Sonaar n/a	Jun 17, 2026	CVE
HIGH 8.1	CVE-2025-58954	WordPress HomeRoofer theme <= 2.11.0 - Local File Inclusion vulnerability_CVE-2025-58954 Unauthenticated Local File Inclusion in HomeRoofer	ThemeREX	HomeRoofer n/a	Jun 17, 2026	CVE
HIGH 8.1	CVE-2025-58953	WordPress Joly theme <= 1.22.0 - Local File Inclusion vulnerability_CVE-2025-58953 Unauthenticated Local File Inclusion in Joly	ThemeREX	Joly n/a	Jun 17, 2026	CVE
HIGH 8.1	CVE-2025-58952	WordPress Neuronet theme < 1.14.0 - Local File Inclusion vulnerability_CVE-2025-58952 Unauthenticated Local File Inclusion in Neuronet < 1.14.0 versions.	ThemeREX	Neuronet n/a	Jun 17, 2026	CVE