HIGH - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
HIGH 7.8	CVE-2025-23305	CVE-2025-23305_CVE-2025-23305 NVIDIA Megatron-LM for all platforms contains a vulnerability in the tools component, where an attacker may exploit a code injection issue. A succe...	NVIDIA	Megatron-LM All versions prior to 0.12.2	Aug 13, 2025	CVE
HIGH 8.1	CVE-2025-54701	WordPress Unicamp Theme <= 2.6.3 - Local File Inclusion Vulnerability_CVE-2025-54701 Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeMove Unicamp allows P...	ThemeMove	Unicamp n/a	Aug 14, 2025	CVE
HIGH 8.1	CVE-2025-54700	WordPress Makeaholic Theme <= 1.8.4 - Local File Inclusion Vulnerability_CVE-2025-54700 Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in ThemeMove Makeaholic allow...	ThemeMove	Makeaholic n/a	Aug 14, 2025	CVE
HIGH 7.2	CVE-2025-54697	WordPress Kadence WooCommerce Email Designer Plugin <= 1.5.16 - Privilege Escalation Vulnerability_CVE-2025-54697 Incorrect Privilege Assignment vulnerability in Ben Ritner - Kadence WP Kadence WooCommerce Email Designer allows Privilege Escalation. This issue ...	Ben Ritner - Kadence WP	Kadence WooCommerce Email Designer n/a	Aug 14, 2025	CVE
HIGH 7.5	CVE-2025-54692	WordPress Membership For WooCommerce Plugin <= 2.9.0 - Broken Access Control Vulnerability_CVE-2025-54692 Missing Authorization vulnerability in WP Swings Membership For WooCommerce allows Accessing Functionality Not Properly Constrained by ACLs. This i...	WP Swings	Membership For WooCommerce n/a	Aug 14, 2025	CVE
HIGH 8.1	CVE-2025-54690	WordPress Xinterio Theme <= 4.2 - Local File Inclusion Vulnerability_CVE-2025-54690 Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in themeStek Xinterio allows ...	themeStek	Xinterio n/a	Aug 14, 2025	CVE
HIGH 8.1	CVE-2025-54689	WordPress Urna Theme <= 2.5.7 - Local File Inclusion Vulnerability_CVE-2025-54689 Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in thembay Urna allows PHP Lo...	thembay	Urna n/a	Aug 14, 2025	CVE
HIGH 7.5	CVE-2025-54679	WordPress Neon Channel Product Customizer Free Plugin <= 2.0 - Arbitrary Content Deletion Vulnerability_CVE-2025-54679 Missing Authorization vulnerability in vertim Neon Channel Product Customizer Free allows Exploiting Incorrectly Configured Access Control Security...	vertim	Neon Channel Product Customizer Free n/a	Aug 14, 2025	CVE
HIGH 8.5	CVE-2025-52823	WordPress Cube Portfolio Plugin <= 1.16.8 - SQL Injection Vulnerability_CVE-2025-52823 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in ovatheme Cube Portfolio allows SQL Injection....	ovatheme	Cube Portfolio n/a	Aug 14, 2025	CVE
HIGH 8.5	CVE-2025-52820	WordPress WooCommerce Point Of Sale (POS) <= 1.4 - SQL Injection Vulnerability_CVE-2025-52820 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in infosoftplugin WooCommerce Point Of Sale (POS...	infosoftplugin	WooCommerce Point Of Sale (POS) n/a	Aug 14, 2025	CVE