HIGH - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
HIGH 8.5	B1BB8CF9-0BFD-	Exploit for UNIX Symbolic Link Following in Litespeedtech Litespeed_Cpanel_Plugin_B1BB8CF9-0BFD-571E-8152-2D53A8245793 CVE-2026-54420 Mitigation Toolkit Defensive remediation, auditing, and verification toolkit for CVE-2026-54420 affecting LiteSpeed cPanel Plugin in...	N/A	N/A	Jun 16, 2026	GITHUBEXPLOIT
HIGH 8.8	CVE-2026-8444	WP Review Slider Pro <= 12.6.8 - Authenticated (Subscriber+) SQL Injection via 'curselrevs' Parameter_CVE-2026-8444 The WP Review Slider Pro plugin for WordPress is vulnerable to SQL Injection via the 'curselrevs[]' parameter of the wpfb_find_reviews AJAX action ...	https://wpreviewslider.com/	WP Review Slider Pro	Jun 16, 2026	CVE
HIGH 8.7	30AECF2C-E55B-	Exploit for CVE-2026-20262_30AECF2C-E55B-530A-B3C5-DC776BD957D4 cve-id ⚡ Simple Usage Use this project only in safe and authorized environments such as: - Local virtual machines - Docker containers - Isolated l...	N/A	N/A	Jun 16, 2026	GITHUBEXPLOIT
HIGH 8.7	EB7819E4-5D08-	Exploit for UNIX Symbolic Link Following in Litespeedtech Litespeed_Cpanel_Plugin_EB7819E4-5D08-5B2B-B382-7EDE03F6667E cve-id ⚡ Simple Usage Use this project only in safe and authorized environments such as: - Local virtual machines - Docker containers - Isolated l...	N/A	N/A	Jun 16, 2026	GITHUBEXPLOIT
HIGH 8.5	THN:5B94477ED5E...	CISA Flags LiteSpeed cPanel Plugin Flaw Exploited for Root Privilege Escalation_THN:5B94477ED5EC6723600F72BC204673F2 ![](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhweJrEaMuAEZCtL6h2H2XMxWOMGzKSktYq9kDvwXAGvIAt39-gz3irXruUA0KVSSupFdIh13o2F5quHfout0...	N/A	N/A	Jun 16, 2026	THN
HIGH 8.8	CVE-2026-8443	WP Review Slider Pro <= 12.6.8 - Authenticated (Subscriber+) SQL Injection via 'stypes' Parameter_CVE-2026-8443 The WP Review Slider Pro plugin for WordPress is vulnerable to SQL Injection via the 'stypes' and 'slocations' parameters of the wppro_get_overall_...	https://wpreviewslider.com/	WP Review Slider Pro	Jun 16, 2026	CVE
HIGH 8.8	CVE-2026-6933	Premmerce Dev Tools <= 2.0 - Missing Authorization to Authenticated (Subscriber+) Remote Code Execution via Plugin Creation_CVE-2026-6933 The Premmerce Dev Tools plugin for WordPress is vulnerable to Remote Code Execution via missing authorization in versions up to and including 2.0. ...	premmerce	Premmerce Dev Tools	Jun 16, 2026	CVE
HIGH 8.8	CVE-2026-7273	CVE-2026-7273_CVE-2026-7273 A stack-based buffer overflow vulnerability in the CGI program of Zyxel GS1900-48HPv2 firmware versions through 2.90(ABTQ.1)C0 could allow a LAN-ba...	Zyxel	GS1900-48HPv2 firmware <= 2.90(ABTQ.1)C0	Jun 16, 2026	CVE
HIGH 8.3	MS:CVE-2026-11653	Chromium: CVE-2026-11652 Use after free in Extensions_MS:CVE-2026-11653 This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Rel...	N/A	N/A	Jun 16, 2026	MSCVE
HIGH 8.3	MS:CVE-2026-11656	Chromium: CVE-2026-11655 Integer overflow in Media_MS:CVE-2026-11656 This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Rel...	N/A	N/A	Jun 16, 2026	MSCVE