tapic - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
HIGH 7.1	CVE-2026-39447	WordPress Simply Schedule Appointments plugin <= 1.6.10.6 - Cross Site Scripting (XSS) vulnerability_CVE-2026-39447 Unauthenticated Cross Site Scripting (XSS) in Simply Schedule Appointments	NSquared	Simply Schedule Appointments n/a	Jun 15, 2026	CVE
CRITICAL 9.3	CVE-2026-39441	WordPress Feed KuantoKusta for WooCommerce – Free plugin <= 5.3 - SQL Injection vulnerability_CVE-2026-39441 Unauthenticated SQL Injection in Feed KuantoKusta for WooCommerce – Free	Naked Cat Plugins (by Webdados)	Feed KuantoKusta for WooCommerce – Free n/a	Jun 15, 2026	CVE
HIGH 7.1	CVE-2026-39435	WordPress CformsII plugin <= 15.1.3 - Cross Site Scripting (XSS) vulnerability_CVE-2026-39435 Unauthenticated Cross Site Scripting (XSS) in CformsII	bgermann	CformsII n/a	Jun 15, 2026	CVE
HIGH 7.2	CVE-2026-39434	WordPress CTX Feed plugin <= 6.6.26 - PHP Object Injection vulnerability_CVE-2026-39434 Shop manager PHP Object Injection in CTX Feed	WebAppick	CTX Feed n/a	Jun 15, 2026	CVE
HIGH 7.1	CVE-2026-34902	WordPress WooCommerce Product Table Lite plugin <= 4.6.3 - Cross Site Scripting (XSS) vulnerability_CVE-2026-34902 Unauthenticated Cross Site Scripting (XSS) in WooCommerce Product Table Lite	WC Product Table	WooCommerce Product Table Lite n/a	Jun 15, 2026	CVE
CRITICAL 9.8	CVE-2026-34901	WordPress iControlWP plugin <= 5.5.3 - Privilege Escalation vulnerability_CVE-2026-34901 Unauthenticated Privilege Escalation in iControlWP	Paul	iControlWP n/a	Jun 15, 2026	CVE
HIGH 7.1	CVE-2026-34900	WordPress GiveWP plugin <= 4.14.2 - Reflected Cross Site Scripting (XSS) vulnerability_CVE-2026-34900 Unauthenticated Cross Site Scripting (XSS) in GiveWP	Liquid Web / StellarWP	GiveWP n/a	Jun 15, 2026	CVE
HIGH 7.5	CVE-2026-34898	WordPress Event Tickets Manager for WooCommerce plugin <= 1.5.3 - Broken Access Control vulnerability_CVE-2026-34898 Unauthenticated Broken Access Control in Event Tickets Manager for WooCommerce	WP Swings	Event Tickets Manager for WooCommerce n/a	Jun 15, 2026	CVE
MEDIUM 6.5	CVE-2026-34892	WordPress Rank Math SEO plugin <= 1.0.271 - Broken Access Control vulnerability_CVE-2026-34892 Subscriber Broken Access Control in Rank Math SEO	Rank Math SEO	Rank Math SEO n/a	Jun 15, 2026	CVE
HIGH 7.5	CVE-2026-34891	WordPress IDPay Payment Gateway for Woocommerce plugin <= 2.2.5 - Sensitive Data Exposure vulnerability_CVE-2026-34891 Unauthenticated Sensitive Data Exposure in IDPay Payment Gateway for Woocommerce	IDPay	IDPay Payment Gateway for Woocommerce n/a	Jun 15, 2026	CVE