CRITICAL - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
CRITICAL 9.8	CVE-2026-49104	WordPress Integration for Keap/infusionsoft and Contact Form 7, WPForms, Elementor, Formidable, Ninja Forms plugin <= 1.2.1 - PHP Object Injection vulnerability_CVE-2026-49104 Unauthenticated PHP Object Injection in Integration for Keap/infusionsoft and Contact Form 7, WPForms, Elementor, Formidable, Ninja Forms	CRM Perks	Integration for Keap/infusionsoft and Contact Form 7, WPForms, Elementor, Formidable, Ninja Forms 1.2.1	Jun 15, 2026	CVE
CRITICAL 9.8	CVE-2026-49085	WordPress WP Insightly for Contact Form 7, WPForms, Elementor, Formidable and Ninja Forms plugin <= 1.1.4 - PHP Object Injection vulnerability_CVE-2026-49085 Unauthenticated PHP Object Injection in WP Insightly for Contact Form 7, WPForms, Elementor, Formidable and Ninja Forms	CRM Perks	WP Insightly for Contact Form 7, WPForms, Elementor, Formidable and Ninja Forms 1.1.4	Jun 15, 2026	CVE
CRITICAL 9.3	CVE-2026-49067	WordPress Advanced 301 and 302 Redirect plugin <= 1.6.9 - SQL Injection vulnerability_CVE-2026-49067 Unauthenticated SQL Injection in Advanced 301 and 302 Redirect	yydevelopment	Advanced 301 and 302 Redirect 1.6.9	Jun 15, 2026	CVE
CRITICAL 9.3	CVE-2026-48886	WordPress JS Help Desk plugin <= 3.0.9 - SQL Injection vulnerability_CVE-2026-48886 Unauthenticated SQL Injection in JS Help Desk	Ahmad	JS Help Desk n/a	Jun 15, 2026	CVE
CRITICAL 9.1	CVE-2026-48881	WordPress TrueBooker plugin <= 1.1.9 - Broken Access Control vulnerability_CVE-2026-48881 Unauthenticated Broken Access Control in TrueBooker	themetechmount	TrueBooker n/a	Jun 15, 2026	CVE
CRITICAL 10	CVE-2026-48836	WordPress Easy Invoice plugin <= 2.1.19 - Remote Code Execution (RCE) vulnerability_CVE-2026-48836 Unauthenticated Remote Code Execution (RCE) in Easy Invoice	MantraBrain	Easy Invoice n/a	Jun 15, 2026	CVE
CRITICAL 9.3	CVE-2026-45439	WordPress Realtyna Organic IDX plugin plugin <= 5.1.0 - SQL Injection vulnerability_CVE-2026-45439 Unauthenticated SQL Injection in Realtyna Organic IDX plugin	Realtyna	Realtyna Organic IDX plugin n/a	Jun 15, 2026	CVE
CRITICAL 9.3	CVE-2026-42665	WordPress WP Data Access plugin <= 5.5.70 - SQL Injection vulnerability_CVE-2026-42665 Unauthenticated SQL Injection in WP Data Access	Passionate Programmer Peter	WP Data Access n/a	Jun 15, 2026	CVE
CRITICAL 9.3	CVE-2026-42639	WordPress GD Rating System plugin <= 3.6.2 - SQL Injection vulnerability_CVE-2026-42639 Unauthenticated SQL Injection in GD Rating System	Dev4Press	GD Rating System n/a	Jun 15, 2026	CVE
CRITICAL 9.3	CVE-2026-42386	WordPress Order Delivery Date for WooCommerce plugin <= 4.5.1 - SQL Injection vulnerability_CVE-2026-42386 Unauthenticated SQL Injection in Order Delivery Date for WooCommerce	tychesoftwares	Order Delivery Date for WooCommerce n/a	Jun 15, 2026	CVE