HIGH - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
HIGH 7.1	CVE-2026-39548	WordPress MagOne theme <= 9.0 - Reflected Cross Site Scripting (XSS) vulnerability_CVE-2026-39548 Unauthenticated Cross Site Scripting (XSS) in MagOne	Sneeit	MagOne n/a	Jun 16, 2026	CVE
HIGH 8.1	CVE-2026-39547	WordPress Getaway theme < 1.8 - Local File Inclusion vulnerability_CVE-2026-39547 Unauthenticated Local File Inclusion in Getaway < 1.8 versions.	Select-Themes	Getaway n/a	Jun 16, 2026	CVE
HIGH 8.1	CVE-2026-39539	WordPress Alloggio – Hotel Booking theme <= 2.1.2 - PHP Object Injection vulnerability_CVE-2026-39539 Unauthenticated PHP Object Injection in Alloggio - Hotel Booking	Edge-Themes	Alloggio - Hotel Booking n/a	Jun 16, 2026	CVE
HIGH 8.1	CVE-2026-39522	WordPress Solene theme <= 3.4 - Local File Inclusion vulnerability_CVE-2026-39522 Unauthenticated Local File Inclusion in Solene	Elated-Themes	Solene n/a	Jun 16, 2026	CVE
HIGH 8.1	CVE-2026-39446	WordPress Kapee theme < 1.7.0 - PHP Object Injection vulnerability_CVE-2026-39446 Unauthenticated PHP Object Injection in Kapee < 1.7.0 versions.	PressLayouts	Kapee n/a	Jun 16, 2026	CVE
HIGH 8.1	CVE-2026-39443	WordPress EmallShop theme <= 2.4.21 - PHP Object Injection vulnerability_CVE-2026-39443 Unauthenticated PHP Object Injection in EmallShop	PressLayouts	EmallShop n/a	Jun 16, 2026	CVE
HIGH 8.1	CVE-2026-34895	WordPress Softlab Core plugin < 1.2.11 - Local File Inclusion vulnerability_CVE-2026-34895 Unauthenticated Local File Inclusion in Softlab Core < 1.2.11 versions.	WebGeniusLab	Softlab Core n/a	Jun 16, 2026	CVE
HIGH 8.1	CVE-2026-34894	WordPress Integrio Core plugin < 1.2.8 - Local File Inclusion vulnerability_CVE-2026-34894 Unauthenticated Local File Inclusion in Integrio Core < 1.2.8 versions.	WebGeniusLab	Integrio Core n/a	Jun 16, 2026	CVE
HIGH 8.1	CVE-2026-34893	WordPress Thegov Core plugin < 2.0.23 - Local File Inclusion vulnerability_CVE-2026-34893 Unauthenticated Local File Inclusion in Thegov Core < 2.0.23 versions.	WebGeniusLab	Thegov Core n/a	Jun 16, 2026	CVE
HIGH 8.8	CVE-2026-12256	WordPress Avada theme <= 3.15.3 - PHP Object Injection vulnerability_CVE-2026-12256 Contributor PHP Object Injection in Avada	ThemeFusion	Avada n/a	Jun 16, 2026	CVE