HIGH - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
HIGH 8.1	CVE-2025-69120	WordPress Dazzle theme <= 1.0.0 - Local File Inclusion vulnerability_CVE-2025-69120 Unauthenticated Local File Inclusion in Dazzle	ThemeREX	Dazzle n/a	Jun 17, 2026	CVE
HIGH 7.5	A3592ABD-E61F-	Exploit for CVE-2024-38819_A3592ABD-E61F-5364-B002-A96843C8D65B CVE-2024-38819 Customer Vault Lab This is a Cloud Foundry-ready Spring Boot demo for CVE-2024-38819, a Spring Framework path traversal vulnerabilit...	N/A	N/A	Jun 17, 2026	GITHUBEXPLOIT
HIGH 8.1	CVE-2025-69115	WordPress LuxMed \| Medicine & Healthcare Doctor WordPress Theme theme <= 1.2.2 - Local File Inclusion vulnerability_CVE-2025-69115 Unauthenticated Local File Inclusion in LuxMed \| Medicine & Healthcare Doctor WordPress Theme	ThemeREX	LuxMed \| Medicine & Healthcare Doctor WordPress Theme n/a	Jun 17, 2026	CVE
HIGH 8.1	CVE-2025-69106	WordPress Imba theme <= 1.5.0 - Local File Inclusion vulnerability_CVE-2025-69106 Unauthenticated Local File Inclusion in Imba	ThemeREX	Imba n/a	Jun 17, 2026	CVE
HIGH 7.1	CVE-2025-68524	WordPress Avante theme < 3.0.5 - Reflected Cross Site Scripting (XSS) vulnerability_CVE-2025-68524 Unauthenticated Cross Site Scripting (XSS) in Avante < 3.0.5 versions.	ThemeGoods	Avante n/a	Jun 17, 2026	CVE
HIGH 7.8	THN:94FE03544D6...	Microsoft Confirms RoguePlanet Defender Zero-Day, Says Patch is in Development_THN:94FE03544D6E636174099B6432E3A507 ![](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgy3ayOlDb3vsL747G9hStxxjTd3N5i2u8hegcT_hTs4RlNqylS_HyYH4mGLQEavD-QwH3G4l-p2tE5xrXoeK...	N/A	N/A	Jun 17, 2026	THN
HIGH 7.8	CVE-2026-0153	CVE-2026-0153_CVE-2026-0153 In Write of msg_to_host_buffer.cc, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of...	Google	Android Android kernel	Jun 16, 2026	CVE
HIGH 7.1	CVE-2026-9570	Taskbuilder < 5.0.8 - Reflected XSS via Shortcode_CVE-2026-9570 The Taskbuilder WordPress plugin before 5.0.8 does not properly sanitise a URL parameter before echoing it into inline JavaScript on a frontend pa...	Unknown	Taskbuilder	Jun 17, 2026	CVE
HIGH 7.1	CVE-2026-8089	weMail < 2.1.3 - Reflected Cross-Site Scripting_CVE-2026-8089 The weMail: Email Marketing, Email Automation, Newsletters, Subscribers & Email Optins for WooCommerce WordPress plugin before 2.1.3 does not prope...	Unknown	weMail: Email Marketing, Email Automation, Newsletters, Subscribers & Email Optins for WooCommerce	Jun 17, 2026	CVE
HIGH 7.5	CVE-2026-9690	WordPress WP Media folder Addon plugin <= 4.0.1 - Arbitrary File Download vulnerability_CVE-2026-9690 Unauthenticated Arbitrary File Download in WP Media folder Addon	Joomunited	WP Media folder Addon n/a	Jun 17, 2026	CVE