MEDIUM - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
MEDIUM 6.5	CVE-2026-42743	WordPress Masteriyo – LMS plugin <= 2.1.8 - Broken Authentication vulnerability_CVE-2026-42743 Unauthenticated Broken Authentication in Masteriyo - LMS	ThemeGrill	Masteriyo - LMS n/a	Jun 15, 2026	CVE
MEDIUM 6.5	CVE-2026-42688	WordPress Modula Image Gallery plugin <= 2.14.23 - Cross Site Scripting (XSS) vulnerability_CVE-2026-42688 Subscriber Cross Site Scripting (XSS) in Modula Image Gallery	WP Chill	Modula Image Gallery n/a	Jun 15, 2026	CVE
MEDIUM 6.5	CVE-2026-42663	WordPress Simple Membership plugin <= 4.7.2 - Cross Site Scripting (XSS) vulnerability_CVE-2026-42663 Unauthenticated Cross Site Scripting (XSS) in Simple Membership	wp.insider	Simple Membership n/a	Jun 15, 2026	CVE
MEDIUM 6.5	CVE-2026-42662	WordPress Event Tickets plugin <= 5.27.5 - Bypass Vulnerability vulnerability_CVE-2026-42662 Unauthenticated Bypass Vulnerability in Event Tickets	Liquid Web / StellarWP	Event Tickets n/a	Jun 15, 2026	CVE
MEDIUM 6.5	CVE-2026-42660	WordPress Contest Gallery plugin <= 28.1.7 - Sensitive Data Exposure vulnerability_CVE-2026-42660 Subscriber Sensitive Data Exposure in Contest Gallery	Wasiliy Strecker	Contest Gallery n/a	Jun 15, 2026	CVE
MEDIUM 6.5	CVE-2026-42659	WordPress Advanced Form Integration plugin <= 1.126.12 - Broken Access Control vulnerability_CVE-2026-42659 Subscriber Broken Access Control in Advanced Form Integration	Nasir Ahmed	Advanced Form Integration n/a	Jun 15, 2026	CVE
MEDIUM 6.5	CVE-2026-42657	WordPress Contest Gallery plugin <= 28.1.7 - Other Vulnerability Type vulnerability_CVE-2026-42657 Unauthenticated Other Vulnerability Type in Contest Gallery	Wasiliy Strecker	Contest Gallery n/a	Jun 15, 2026	CVE
MEDIUM 6.5	CVE-2026-42656	WordPress Contest Gallery plugin <= 28.1.6 - Cross Site Scripting (XSS) vulnerability_CVE-2026-42656 Subscriber Cross Site Scripting (XSS) in Contest Gallery	Wasiliy Strecker	Contest Gallery n/a	Jun 15, 2026	CVE
MEDIUM 6.3	CVE-2026-42651	WordPress Classified Listing plugin <= 5.3.9 - Broken Access Control vulnerability_CVE-2026-42651 Subscriber Broken Access Control in Classified Listing	Mamunur Rashid	Classified Listing n/a	Jun 15, 2026	CVE
MEDIUM 6.5	CVE-2026-42640	WordPress Classified Listing plugin <= 5.3.8 - Broken Access Control vulnerability_CVE-2026-42640 Unauthenticated Broken Access Control in Classified Listing	Mamunur Rashid	Classified Listing n/a	Jun 15, 2026	CVE