HIGH - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
HIGH 8.5	CVE-2026-57644	WordPress Restaurant Menu by MotoPress plugin <= 2.4.10 - SQL Injection vulnerability_CVE-2026-57644 Contributor SQL Injection in Restaurant Menu by MotoPress	jetmonsters	Restaurant Menu by MotoPress n/a	Jun 26, 2026	CVE
HIGH 8.5	CVE-2026-57643	WordPress WP Post Author plugin <= 3.9.1 - SQL Injection vulnerability_CVE-2026-57643 Contributor SQL Injection in WP Post Author	AF themes	WP Post Author n/a	Jun 26, 2026	CVE
HIGH 8.5	CVE-2026-57642	WordPress Gallery plugin <= 4.7.8 - SQL Injection vulnerability_CVE-2026-57642 Contributor SQL Injection in Gallery	bestwebsoft	Gallery n/a	Jun 26, 2026	CVE
HIGH 8.5	CVE-2026-57636	WordPress wpForo Forum plugin <= 3.0.9 - SQL Injection vulnerability_CVE-2026-57636 Contributor SQL Injection in wpForo Forum	Tomdever	wpForo Forum n/a	Jun 26, 2026	CVE
HIGH 7.6	CVE-2026-57631	WordPress Popup box plugin <= 6.0.1 - SQL Injection vulnerability_CVE-2026-57631 Administrator SQL Injection in Popup box	Ays Pro	Popup box n/a	Jun 26, 2026	CVE
HIGH 7.6	CVE-2026-57628	WordPress WP All Import plugin <= 4.0.1 - SQL Injection vulnerability_CVE-2026-57628 Administrator SQL Injection in WP All Import	WP All Import	WP All Import n/a	Jun 26, 2026	CVE
HIGH 8.7	CVE-2026-57527	ZAP ViewState Add-on Insecure Deserialization via JSFViewState.decode()_CVE-2026-57527 Zed Attack Proxy (ZAP) ViewState add-on before version 4 contains an insecure deserialization vulnerability that allows attackers who control a pro...	zaproxy	zap-extensions	Jun 26, 2026	CVE
HIGH 7.1	CVE-2026-57325	WordPress NanoMag theme <= 1.8 - Cross Site Scripting (XSS) vulnerability_CVE-2026-57325 Unauthenticated Cross Site Scripting (XSS) in NanoMag	Jellywp	NanoMag n/a	Jun 26, 2026	CVE
HIGH 7.1	CVE-2026-57322	WordPress weMail plugin <= 2.1.2 - Reflected Cross Site Scripting (XSS) vulnerability_CVE-2026-57322 Unauthenticated Cross Site Scripting (XSS) in weMail	weDevs	weMail n/a	Jun 26, 2026	CVE
HIGH 7.1	CVE-2026-57321	WordPress H5P plugin <= 1.17.7 - Arbitrary File Deletion vulnerability_CVE-2026-57321 Contributor Arbitrary File Deletion in H5P	icc0rz	H5P n/a	Jun 26, 2026	CVE