HIGH - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
HIGH 7.1	CVE-2026-56041	WordPress Responsive Lightbox plugin <= 2.7.6 - Cross Site Scripting (XSS) vulnerability_CVE-2026-56041 Unauthenticated Cross Site Scripting (XSS) in Responsive Lightbox	dFactory	Responsive Lightbox n/a	Jun 26, 2026	CVE
HIGH 7.1	CVE-2026-56040	WordPress Gutenverse Form plugin <= 2.4.7 - Cross Site Scripting (XSS) vulnerability_CVE-2026-56040 Unauthenticated Cross Site Scripting (XSS) in Gutenverse Form	WordPress.com	Gutenverse Form n/a	Jun 26, 2026	CVE
HIGH 7.1	CVE-2026-56039	WordPress Quick Interest Slider plugin <= 3.1.6 - Reflected Cross Site Scripting (XSS) vulnerability_CVE-2026-56039 Unauthenticated Cross Site Scripting (XSS) in Quick Interest Slider	WordPress.com	Quick Interest Slider n/a	Jun 26, 2026	CVE
HIGH 8.8	CVE-2026-56038	WordPress Frisbii Pay plugin <= 1.8.2 - Privilege Escalation vulnerability_CVE-2026-56038 Contributor Privilege Escalation in Frisbii Pay	Frisbii	Frisbii Pay n/a	Jun 26, 2026	CVE
HIGH 8.6	CVE-2026-56035	WordPress BitFire Security plugin <= 5.0.3 - Multiple Vulnerabilities vulnerability_CVE-2026-56035 Unauthenticated Multiple Vulnerabilities in BitFire Security	Cory Marsh	BitFire Security n/a	Jun 26, 2026	CVE
HIGH 8.1	CVE-2026-56031	WordPress Uncanny Automator plugin <= 7.3.1.2 - PHP Object Injection vulnerability_CVE-2026-56031 Unauthenticated PHP Object Injection in Uncanny Automator	Uncanny Owl	Uncanny Automator n/a	Jun 26, 2026	CVE
HIGH 7.5	CVE-2026-56029	WordPress CorvusPay WooCommerce Payment Gateway plugin <= 2.7.4 - Broken Authentication vulnerability_CVE-2026-56029 Unauthenticated Broken Authentication in CorvusPay WooCommerce Payment Gateway	corvuspay	CorvusPay WooCommerce Payment Gateway n/a	Jun 26, 2026	CVE
HIGH 7.5	CVE-2026-56025	WordPress Paymob for WooCommerce plugin <= 4.1.2 - Broken Access Control vulnerability_CVE-2026-56025 Unauthenticated Broken Access Control in Paymob for WooCommerce	Paymob	Paymob for WooCommerce n/a	Jun 26, 2026	CVE
HIGH 7.1	CVE-2026-56011	WordPress MapPress Maps for WordPress plugin <= 2.97.3 - Cross Site Scripting (XSS) vulnerability_CVE-2026-56011 Unauthenticated Cross Site Scripting (XSS) in MapPress Maps for WordPress	chrisvrichardson	MapPress Maps for WordPress n/a	Jun 26, 2026	CVE
HIGH 8.8	CVE-2026-56010	WordPress Abandoned Cart Pro for WooCommerce plugin <= 10.4.0 - Privilege Escalation vulnerability_CVE-2026-56010 Subscriber Privilege Escalation in Abandoned Cart Pro for WooCommerce	Tyche Softwares.	Abandoned Cart Pro for WooCommerce n/a	Jun 26, 2026	CVE