HIGH - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
HIGH 8.1	CVE-2026-39557	WordPress NeoBeat theme <= 1.7 - PHP Object Injection vulnerability_CVE-2026-39557 Unauthenticated PHP Object Injection in NeoBeat	Elated-Themes	NeoBeat n/a	Jun 16, 2026	CVE
HIGH 8.1	CVE-2026-39554	WordPress Fidalgo theme <= 1.2.2 - PHP Object Injection vulnerability_CVE-2026-39554 Unauthenticated PHP Object Injection in Fidalgo	Elated-Themes	Fidalgo n/a	Jun 16, 2026	CVE
HIGH 8.1	CVE-2026-39549	WordPress Aperitif theme <= 1.5 - Local File Inclusion vulnerability_CVE-2026-39549 Unauthenticated Local File Inclusion in Aperitif	Elated-Themes	Aperitif n/a	Jun 16, 2026	CVE
HIGH 7.1	CVE-2026-39548	WordPress MagOne theme <= 9.0 - Reflected Cross Site Scripting (XSS) vulnerability_CVE-2026-39548 Unauthenticated Cross Site Scripting (XSS) in MagOne	Sneeit	MagOne n/a	Jun 16, 2026	CVE
HIGH 8.1	CVE-2026-39547	WordPress Getaway theme < 1.8 - Local File Inclusion vulnerability_CVE-2026-39547 Unauthenticated Local File Inclusion in Getaway < 1.8 versions.	Select-Themes	Getaway n/a	Jun 16, 2026	CVE
HIGH 8.1	CVE-2026-39539	WordPress Alloggio – Hotel Booking theme <= 2.1.2 - PHP Object Injection vulnerability_CVE-2026-39539 Unauthenticated PHP Object Injection in Alloggio - Hotel Booking	Edge-Themes	Alloggio - Hotel Booking n/a	Jun 16, 2026	CVE
HIGH 8.1	CVE-2026-39522	WordPress Solene theme <= 3.4 - Local File Inclusion vulnerability_CVE-2026-39522 Unauthenticated Local File Inclusion in Solene	Elated-Themes	Solene n/a	Jun 16, 2026	CVE
HIGH 8.1	CVE-2026-39446	WordPress Kapee theme < 1.7.0 - PHP Object Injection vulnerability_CVE-2026-39446 Unauthenticated PHP Object Injection in Kapee < 1.7.0 versions.	PressLayouts	Kapee n/a	Jun 16, 2026	CVE
HIGH 8.1	CVE-2026-39443	WordPress EmallShop theme <= 2.4.21 - PHP Object Injection vulnerability_CVE-2026-39443 Unauthenticated PHP Object Injection in EmallShop	PressLayouts	EmallShop n/a	Jun 16, 2026	CVE
HIGH 8.1	CVE-2026-34895	WordPress Softlab Core plugin < 1.2.11 - Local File Inclusion vulnerability_CVE-2026-34895 Unauthenticated Local File Inclusion in Softlab Core < 1.2.11 versions.	WebGeniusLab	Softlab Core n/a	Jun 16, 2026	CVE