MEDIUM - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
MEDIUM 6.5	CVE-2025-15659	WordPress Elizaibots plugin <= 1.0.2 - Cross Site Scripting (XSS) vulnerability_CVE-2025-15659 Contributor Cross Site Scripting (XSS) in Elizaibots	liseperu	Elizaibots n/a	Jun 15, 2026	CVE
MEDIUM 5.9	CVE-2025-15658	WordPress WP Emmet plugin <= 0.3.4 - Cross Site Scripting (XSS) vulnerability_CVE-2025-15658 Administrator Cross Site Scripting (XSS) in WP Emmet	rewish	WP Emmet n/a	Jun 15, 2026	CVE
MEDIUM 5.3	CVE-2026-8385	WP Go Maps < 10.0.10 - Unauthenticated Sensitive Information Disclosure via Datatables AJAX Fallback_CVE-2026-8385 The WP Go Maps WordPress plugin before 10.0.10 does not properly enforce the marker approval filter on the admin-ajax fallback for its datatables ...	Unknown	WP Go Maps	Jun 15, 2026	CVE
MEDIUM 6.3	CVE-2026-6517	Mattermost Desktop App fails to restrict the allow list of domains which NTLM credentials are passed_CVE-2026-6517 Mattermost Desktop App versions	Mattermost	Mattermost	Jun 15, 2026	CVE
MEDIUM 6.5	CVE-2026-48969	WordPress Really Simple SSL plugin <= 9.5.9 - Broken Access Control vulnerability_CVE-2026-48969 Subscriber Broken Access Control in Really Simple SSL	Really Simple Plugins B.V.	Really Simple SSL n/a	Jun 15, 2026	CVE
MEDIUM 6.5	CVE-2025-64215	WordPress MasterStudy LMS Pro plugin < 4.7.16 - Broken Access Control vulnerability_CVE-2025-64215 Missing Authorization vulnerability in StylemixThemes MasterStudy LMS Pro allows Accessing Functionality Not Properly Constrained by ACLs. This is...	StylemixThemes	MasterStudy LMS Pro n/a	Jun 15, 2026	CVE
MEDIUM 6.9	CVE-2026-34030	Improper branch-code validation in Wertheim SafeController Software allows file path manipulation_CVE-2026-34030 The Wertheim SafeController Software, AssemblyVersion 6.15.8328.28014, does not sufficiently validate the branch code when a new branch is created....	Wertheim GmbH	Wertheim SafeController Software for VAULT ROOMS (Safe Deposit Locker System) Wertheim SafeController Software, AssemblyVersion 6.15.8328.28014	Jun 15, 2026	CVE
MEDIUM 6.8	CVE-2026-34029	Hard-coded cryptographic key in Wertheim SafeController Software allows decryption of sensitive configuration data_CVE-2026-34029 The Wertheim SafeController Software, AssemblyVersion 6.15.8328.28014, contains a hard-coded cryptographic key in the SafeSystem.Infrastructure.Sec...	Wertheim GmbH	Wertheim SafeController Software for VAULT ROOMS (Safe Deposit Locker System) Wertheim SafeController Software, AssemblyVersion 6.15.8328.28014	Jun 15, 2026	CVE
MEDIUM 6.9	CVE-2026-34028	Unauthenticated direct access to web data in Wertheim SafeController Software exposes files_CVE-2026-34028 The Wertheim SafeController Software, AssemblyVersion 6.15.8328.28014, exposes web-accessible file paths that are not protected by an authorization...	Wertheim GmbH	Wertheim SafeController Software for VAULT ROOMS (Safe Deposit Locker System) Wertheim SafeController Software, AssemblyVersion 6.15.8328.28014	Jun 15, 2026	CVE
MEDIUM 5.3	CVE-2026-34027	Upload restriction bypass in Wertheim SafeController Software allows authenticated users to upload arbitrary files_CVE-2026-34027 The Wertheim SafeController Software, AssemblyVersion 6.15.8328.28014, contains insufficient server-side file type validation in the /safe/contract...	Wertheim GmbH	Wertheim SafeController Software for VAULT ROOMS (Safe Deposit Locker System) Wertheim SafeController Software, AssemblyVersion 6.15.8328.28014	Jun 15, 2026	CVE