CRITICAL - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
CRITICAL 9.3	CVE-2026-49084	WordPress JetEngine plugin < 3.8.9.1 - SQL Injection vulnerability_CVE-2026-49084 Unauthenticated SQL Injection in JetEngine < 3.8.9.1 versions.	Jetimpex Inc.	JetEngine n/a	Jun 17, 2026	CVE
CRITICAL 9.3	CVE-2026-49079	WordPress JetSearch plugin <= 3.5.17 - SQL Injection vulnerability_CVE-2026-49079 Unauthenticated SQL Injection in JetSearch	Jetimpex Inc.	JetSearch n/a	Jun 17, 2026	CVE
CRITICAL 9.3	CVE-2026-49076	WordPress JetEngine plugin <= 3.8.9.1 - SQL Injection vulnerability_CVE-2026-49076 Unauthenticated SQL Injection in JetEngine	Jetimpex Inc.	JetEngine n/a	Jun 17, 2026	CVE
CRITICAL 9.8	CVE-2026-49075	WordPress JetEngine plugin <= 3.8.9.1 - PHP Object Injection vulnerability_CVE-2026-49075 Contributor PHP Object Injection in JetEngine	Jetimpex Inc.	JetEngine n/a	Jun 17, 2026	CVE
CRITICAL 9.8	CVE-2026-49058	WordPress LoginPress Pro plugin <= 6.2.2 - Privilege Escalation vulnerability_CVE-2026-49058 Unauthenticated Privilege Escalation in LoginPress Pro	LoginPress	LoginPress Pro n/a	Jun 17, 2026	CVE
CRITICAL 9.3	CVE-2026-48875	WordPress JetSmartFilters plugin <= 3.8.1 - SQL Injection vulnerability_CVE-2026-48875 Unauthenticated SQL Injection in JetSmartFilters	Jetimpex Inc.	JetSmartFilters n/a	Jun 17, 2026	CVE
CRITICAL 9.8	CVE-2026-42380	WordPress AI Lab theme < 5.4.2 - PHP Object Injection vulnerability_CVE-2026-42380 Unauthenticated PHP Object Injection in AI Lab < 5.4.2 versions.	jwsthemes	AI Lab n/a	Jun 17, 2026	CVE
CRITICAL 9.9	CVE-2026-40783	WordPress Blocksy Companion Pro plugin <= 2.1.37 - Remote Code Execution (RCE) vulnerability_CVE-2026-40783 Contributor Remote Code Execution (RCE) in Blocksy Companion Pro	Creative Themes	Blocksy Companion Pro n/a	Jun 17, 2026	CVE
CRITICAL 9.9	CVE-2026-40749	WordPress Charity Zone theme <= 1.1.1 - Arbitrary File Upload vulnerability_CVE-2026-40749 Subscriber Arbitrary File Upload in Charity Zone	themagnifico52	Charity Zone n/a	Jun 17, 2026	CVE
CRITICAL 9.9	CVE-2026-40748	WordPress Kids Gift Shop theme <= 0.5.4 - Arbitrary File Upload vulnerability_CVE-2026-40748 Subscriber Arbitrary File Upload in Kids Gift Shop	themagnifico52	Kids Gift Shop n/a	Jun 17, 2026	CVE