CVE - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
CRITICAL 9.3	CVE-2026-48886	WordPress JS Help Desk plugin <= 3.0.9 - SQL Injection vulnerability_CVE-2026-48886 Unauthenticated SQL Injection in JS Help Desk	Ahmad	JS Help Desk n/a	Jun 15, 2026	CVE
HIGH 7.1	CVE-2026-48885	WordPress HollerBox plugin <= 2.3.10.1 - Cross Site Scripting (XSS) vulnerability_CVE-2026-48885 Unauthenticated Cross Site Scripting (XSS) in HollerBox	Groundhogg	HollerBox n/a	Jun 15, 2026	CVE
HIGH 7.5	CVE-2026-48883	WordPress WPC Product Bundles for WooCommerce plugin <= 8.5.3 - Broken Access Control vulnerability_CVE-2026-48883 Unauthenticated Broken Access Control in WPC Product Bundles for WooCommerce	WPClever	WPC Product Bundles for WooCommerce n/a	Jun 15, 2026	CVE
HIGH 8.5	CVE-2026-48882	WordPress WP Time Slots Booking Form plugin <= 1.2.50 - SQL Injection vulnerability_CVE-2026-48882 Subscriber SQL Injection in WP Time Slots Booking Form	codepeople	WP Time Slots Booking Form n/a	Jun 15, 2026	CVE
CRITICAL 9.1	CVE-2026-48881	WordPress TrueBooker plugin <= 1.1.9 - Broken Access Control vulnerability_CVE-2026-48881 Unauthenticated Broken Access Control in TrueBooker	themetechmount	TrueBooker n/a	Jun 15, 2026	CVE
MEDIUM 6.5	CVE-2026-48880	WordPress WP Job Portal plugin <= 2.5.2 - Cross Site Scripting (XSS) vulnerability_CVE-2026-48880 Subscriber Cross Site Scripting (XSS) in WP Job Portal	Ahmad	WP Job Portal n/a	Jun 15, 2026	CVE
MEDIUM 6.5	CVE-2026-48878	WordPress Visual Link Preview plugin <= 2.4.1 - Sensitive Data Exposure vulnerability_CVE-2026-48878 Subscriber Sensitive Data Exposure in Visual Link Preview	Bootstrapped Ventures	Visual Link Preview n/a	Jun 15, 2026	CVE
HIGH 7.1	CVE-2026-48876	WordPress Stop Spammers plugin <= 2026.3 - Cross Site Scripting (XSS) vulnerability_CVE-2026-48876 Unauthenticated Cross Site Scripting (XSS) in Stop Spammers	Web Guy	Stop Spammers n/a	Jun 15, 2026	CVE
HIGH 8.5	CVE-2026-48874	WordPress GamiPress plugin <= 7.8.7 - SQL Injection vulnerability_CVE-2026-48874 Subscriber SQL Injection in GamiPress	Ruben Garcia	GamiPress n/a	Jun 15, 2026	CVE
HIGH 7.5	CVE-2026-48873	WordPress Montonio for WooCommerce plugin <= 10.1.2 - Broken Access Control vulnerability_CVE-2026-48873 Unauthenticated Broken Access Control in Montonio for WooCommerce	Montonio	Montonio for WooCommerce n/a	Jun 15, 2026	CVE