MEDIUM - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
MEDIUM 5.5	CVE-2026-45256	Missing permission check in thr_kill2(2)_CVE-2026-45256 When used to deliver a signal to a specific thread, thr_kill2(2) called p_cansignal() to determine whether the operation was permitted but did not ...	FreeBSD	FreeBSD 15.0-RELEASE	Jun 26, 2026	CVE
MEDIUM 6.5	CVE-2026-30040	CVE-2026-30040_CVE-2026-30040 A heap overflow in the FSViewer.exe process of FastStone Image Viewer v8.3 allows attackers to cause a execute arbitrary code in the context of the...	n/a	n/a n/a	Jun 26, 2026	CVE
MEDIUM 5.3	CVE-2026-24547	WordPress SiteGround Email Marketing plugin <= 1.7.5 - Broken Access Control vulnerability_CVE-2026-24547 Unauthenticated Broken Access Control in SiteGround Email Marketing	SiteGround	SiteGround Email Marketing n/a	Jun 26, 2026	CVE
MEDIUM 6.5	CVE-2025-68075	WordPress BNE Testimonials plugin <= 2.0.8 - Cross Site Scripting (XSS) vulnerability_CVE-2025-68075 Contributor Cross Site Scripting (XSS) in BNE Testimonials	Kerry	BNE Testimonials n/a	Jun 26, 2026	CVE
MEDIUM 6.5	CVE-2025-68074	WordPress Image Carousel plugin <= 1.0.0.41 - Cross Site Scripting (XSS) vulnerability_CVE-2025-68074 Contributor Cross Site Scripting (XSS) in Image Carousel	GhozyLab	Image Carousel n/a	Jun 26, 2026	CVE
MEDIUM 5.3	CVE-2025-66123	WordPress BookPro plugin <= 1.1.0 - Insecure Direct Object References (IDOR) vulnerability_CVE-2025-66123 Unauthenticated Insecure Direct Object References (IDOR) in BookPro	About Envato	BookPro n/a	Jun 26, 2026	CVE
MEDIUM 5.3	CVE-2025-64637	WordPress Auros Core plugin <= 5.3.1 - Content Injection vulnerability_CVE-2025-64637 Unauthenticated Content Injection in Auros Core	Opal_WP	Auros Core n/a	Jun 26, 2026	CVE
MEDIUM 5.3	CVE-2025-64636	WordPress Donation Thermometer plugin <= 2.2.7 - Broken Access Control vulnerability_CVE-2025-64636 Unauthenticated Broken Access Control in Donation Thermometer	rhewlif	Donation Thermometer n/a	Jun 26, 2026	CVE
MEDIUM 4.3	CVE-2025-63079	WordPress Live Copy Paste for Elementor plugin <= 1.5.3 - Broken Access Control vulnerability_CVE-2025-63079 Contributor Broken Access Control in Live Copy Paste for Elementor	bdthemes	Live Copy Paste for Elementor n/a	Jun 26, 2026	CVE
MEDIUM 4.3	CVE-2025-63078	WordPress Restaurant Menu by MotoPress plugin <= 2.4.11 - Broken Access Control vulnerability_CVE-2025-63078 Subscriber Broken Access Control in Restaurant Menu by MotoPress	jetmonsters	Restaurant Menu by MotoPress n/a	Jun 26, 2026	CVE