CRITICAL - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
CRITICAL 9.3	CVE-2026-42684	WordPress WP Job Portal plugin <= 2.5.1 - SQL Injection vulnerability_CVE-2026-42684 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Ahmad WP Job Portal allows Blind SQL Injectio...	Ahmad	WP Job Portal n/a	Jun 2, 2026	CVE
CRITICAL 9.8	24F04D01-BD33-	Exploit for CVE-2026-8206_24F04D01-BD33-5E2E-AD1D-CA3966227567 CVE-2026-8206 - Kirki WordPress Plugin Mass Exploit Mass exploitation tool for CVE-2026-8206 – a critical vulnerability in the Kirki WordPress plug...	N/A	N/A	Jun 2, 2026	GITHUBEXPLOIT
CRITICAL 9.3	CVE-2026-34906	Server-Side Template Injection (SSTI) in Wirtualna Uczelnia_CVE-2026-34906 Server-Side Template Injection (SSTI) in Wirtualna Uczelnia allows an unauthenticated attacker to perform Remote Code Execution (RCE). In the endpo...	Simple SA	Wirtualna Uczelnia	Jun 2, 2026	CVE
CRITICAL 9.8	CVE-2025-53209	WordPress Masteriyo LMS PRO plugin <= 2.20.0 - Privilege Escalation Vulnerability_CVE-2025-53209 Incorrect Privilege Assignment vulnerability in Themeisle Masteriyo LMS PRO allows Privilege Escalation. This issue affects Masteriyo LMS PRO: fro...	Themeisle	Masteriyo LMS PRO n/a	Jun 2, 2026	CVE
CRITICAL 9.8	ACB372C1-16C6-	Exploit for Missing Authentication for Critical Function in Coreweave Marimo_ACB372C1-16C6-5ED3-B493-7F4AE7C5E504 CVE-2026-39987 - a full PTY shell Unauthenticated Stored Cross-Site Scripting Severity: CRITICAL CVSS: 9.8 Impact: Confidentiality, Integrity, Avai...	N/A	N/A	Jun 2, 2026	GITHUBEXPLOIT
CRITICAL 9.9	92F10C51-99EC-	Exploit for Improper Control of Dynamically-Managed Code Resources in Nocobase_92F10C51-99EC-5FAC-AF95-11D0B6BFF73A CVE-2026-34156 – NocoBase Sandbox Escape RCE -orange Authenticated Remote Code Execution in NocoBase versions ≤ 2.0.26 via workflow sandbox escape....	N/A	N/A	Jun 2, 2026	GITHUBEXPLOIT
CRITICAL 9.8	CC7CD69F-1974-	Exploit for Missing Authentication for Critical Function in Mcpjam Inspector_CC7CD69F-1974-569F-950F-4CDEA50F0227 CVE-2026-23744 --- Description MCPJam inspector is a local-first development platform for MCP servers. The versions =1.4.2 are vulnerable to remote...	N/A	N/A	Jun 2, 2026	GITHUBEXPLOIT
CRITICAL 9.8	CVE-2026-8206	Kirki 6.0.0 – 6.0.6 – Unauthenticated Privilege Escalation via ‘handle_forgot_password’_CVE-2026-8206 The Kirki – Freeform Page Builder, Website Builder & Customizer plugin for WordPress is vulnerable to privilege escalation via account takeover in ...	themeum	Kirki – Freeform Page Builder, Website Builder & Customizer 6.0.0	Jun 2, 2026	CVE
CRITICAL 9.8	966A6BD3-D47A-	Exploit for CVE-2026-8732_966A6BD3-D47A-5C10-8A7D-7EF9E9DA813A WP Maps Pro Unauthenticated Stored Cross-Site Scripting CVE-2026-8732 Overview A CRITICAL vulnerability, classified as CVE-2026-8732, has been iden...	N/A	N/A	Jun 2, 2026	GITHUBEXPLOIT
CRITICAL 9.8	6D8CA767-F358-	Exploit for Missing Authentication for Critical Function in Mcpjam Inspector_6D8CA767-F358-5C56-BADD-6DFCD0A054E9 No description provided...	N/A	N/A	Jun 2, 2026	GITHUBEXPLOIT