CRITICAL - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
CRITICAL 9.3	CVE-2025-54048	WordPress Custom API for WP <= 4.2.2 - SQL Injection Vulnerability_CVE-2025-54048 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in miniOrange Custom API for WP allows SQL Injec...	miniOrange	Custom API for WP n/a	Aug 20, 2025	CVE
CRITICAL 9.6	CVE-2025-49381	WordPress ads.txt Guru Connect Plugin <= 1.1.1 - Cross Site Request Forgery (CSRF) Vulnerability_CVE-2025-49381 Cross-Site Request Forgery (CSRF) vulnerability in ads.txt Guru ads.txt Guru Connect allows Cross Site Request Forgery. This issue affects ads.txt ...	ads.txt Guru	ads.txt Guru Connect n/a	Aug 20, 2025	CVE
CRITICAL 9.9	CVE-2025-54049	WordPress Custom API for WP <= 4.2.2 - Privilege Escalation Vulnerability_CVE-2025-54049 Incorrect Privilege Assignment vulnerability in miniOrange Custom API for WP allows Privilege Escalation. This issue affects Custom API for WP: fro...	miniOrange	Custom API for WP n/a	Aug 20, 2025	CVE
CRITICAL 9.9	CVE-2025-48169	WordPress Code Engine Plugin <= 0.3.3 - Remote Code Execution (RCE) Vulnerability_CVE-2025-48169 Improper Control of Generation of Code ('Code Injection') vulnerability in Jordy Meow Code Engine allows Remote Code Inclusion. This issue affects ...	Jordy Meow	Code Engine n/a	Aug 20, 2025	CVE
CRITICAL 10	CVE-2025-48148	WordPress StoreKeeper for WooCommerce Plugin <= 14.4.4 - Arbitrary File Upload Vulnerability_CVE-2025-48148 Unrestricted Upload of File with Dangerous Type vulnerability in StoreKeeper B.V. StoreKeeper for WooCommerce allows Using Malicious Files. This is...	StoreKeeper B.V.	StoreKeeper for WooCommerce n/a	Aug 20, 2025	CVE
CRITICAL 9.1	CVE-2025-54677	WordPress Online Booking & Scheduling Calendar for WordPress by vcita Plugin <= 4.5.3 - Arbitrary File Upload Vulnerability_CVE-2025-54677 Unrestricted Upload of File with Dangerous Type vulnerability in vcita Online Booking & Scheduling Calendar for WordPress by vcita allows Using Mal...	vcita	Online Booking & Scheduling Calendar for WordPress by vcita n/a	Aug 20, 2025	CVE
CRITICAL 9.8	CVE-2025-54713	WordPress Taxi Booking Manager for WooCommerce Plugin <= 1.3.0 - Broken Authentication Vulnerability_CVE-2025-54713 Authentication Bypass Using an Alternate Path or Channel vulnerability in magepeopleteam Taxi Booking Manager for WooCommerce allows Authentication...	magepeopleteam	Taxi Booking Manager for WooCommerce n/a	Aug 20, 2025	CVE
CRITICAL 9.3	CVE-2025-54726	WordPress JS Archive List Plugin < 6.1.6 - SQL Injection Vulnerability_CVE-2025-54726 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Miguel Useche JS Archive List allows SQL Inje...	Miguel Useche	JS Archive List n/a	Aug 20, 2025	CVE
CRITICAL 9.1	47BC8919-D66F-	Exploit for CVE-2025-29927_47BC8919-D66F-57B3-BAA6-820F1EE31E5C Vulnerable Next.js App for Pentesting Practice This is...	N/A	N/A	Aug 19, 2025	GITHUBEXPLOIT
CRITICAL 9.8	32EB4044-1536-	Exploit for Code Injection in Apache Dolphinscheduler_32EB4044-1536-57F2-B275-B07C83E2DDF6 Apache Dolphinscheduler About Apache DolphinScheduler is a modern...	N/A	N/A	Aug 19, 2025	GITHUBEXPLOIT