MEDIUM - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
MEDIUM 6.5	CVE-2026-42657	WordPress Contest Gallery plugin <= 28.1.7 - Other Vulnerability Type vulnerability_CVE-2026-42657 Unauthenticated Other Vulnerability Type in Contest Gallery	Wasiliy Strecker	Contest Gallery n/a	Jun 15, 2026	CVE
MEDIUM 6.5	CVE-2026-42656	WordPress Contest Gallery plugin <= 28.1.6 - Cross Site Scripting (XSS) vulnerability_CVE-2026-42656 Subscriber Cross Site Scripting (XSS) in Contest Gallery	Wasiliy Strecker	Contest Gallery n/a	Jun 15, 2026	CVE
MEDIUM 6.3	CVE-2026-42651	WordPress Classified Listing plugin <= 5.3.9 - Broken Access Control vulnerability_CVE-2026-42651 Subscriber Broken Access Control in Classified Listing	Mamunur Rashid	Classified Listing n/a	Jun 15, 2026	CVE
MEDIUM 6.5	CVE-2026-42640	WordPress Classified Listing plugin <= 5.3.8 - Broken Access Control vulnerability_CVE-2026-42640 Unauthenticated Broken Access Control in Classified Listing	Mamunur Rashid	Classified Listing n/a	Jun 15, 2026	CVE
MEDIUM 6.5	CVE-2026-42378	WordPress WP Full Stripe Free plugin <= 8.4.1 - Broken Authentication vulnerability_CVE-2026-42378 Subscriber Broken Authentication in WP Full Stripe Free	Themeisle	WP Full Stripe Free n/a	Jun 15, 2026	CVE
MEDIUM 6.5	CVE-2026-41556	WordPress ProfilePress plugin <= 4.16.13 - Cross Site Scripting (XSS) vulnerability_CVE-2026-41556 Subscriber Cross Site Scripting (XSS) in ProfilePress	properfraction	ProfilePress n/a	Jun 15, 2026	CVE
MEDIUM 5.8	CVE-2026-40799	WordPress Simple Cloudflare Turnstile plugin <= 1.38.0 - Broken Authentication vulnerability_CVE-2026-40799 Unauthenticated Broken Authentication in Simple Cloudflare Turnstile	RelyWP	Simple Cloudflare Turnstile n/a	Jun 15, 2026	CVE
MEDIUM 6.5	CVE-2026-40796	WordPress WPPizza plugin <= 3.19.9 - Sensitive Data Exposure vulnerability_CVE-2026-40796 Subscriber Sensitive Data Exposure in WPPizza	ollybach	WPPizza n/a	Jun 15, 2026	CVE
MEDIUM 6.5	CVE-2026-40795	WordPress Amelia plugin <= 2.2 - Broken Access Control vulnerability_CVE-2026-40795 Subscriber Broken Access Control in Amelia	TMS	Amelia n/a	Jun 15, 2026	CVE
MEDIUM 6.5	CVE-2026-40794	WordPress myCred plugin <= 3.0.3 - Broken Access Control vulnerability_CVE-2026-40794 Subscriber Broken Access Control in myCred	myCred	myCred n/a	Jun 15, 2026	CVE