Vulnerability - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
CRITICAL 9	CVE-2026-52705	WordPress SigmaForms Pro – AI Generated Forms plugin <= 1.4.5 - Arbitrary File Upload vulnerability_CVE-2026-52705 Unauthenticated Arbitrary File Upload in SigmaForms Pro – AI Generated Forms	BDthemes	SigmaForms Pro – AI Generated Forms 1.4.5	Jun 17, 2026	CVE
HIGH 7.4	CVE-2026-52698	WordPress PushEngage – Web Push Notifications, eCommerce Automation & Chat Widget plugin <= 4.2.3 - Sensitive Data Exposure vulnerability_CVE-2026-52698 Subscriber Sensitive Data Exposure in PushEngage – Web Push Notifications, eCommerce Automation & Chat Widget	Syed Balkhi	PushEngage – Web Push Notifications, eCommerce Automation & Chat Widget n/a	Jun 17, 2026	CVE
HIGH 7.5	CVE-2026-52696	WordPress JetBlog plugin <= 2.4.8 - Sensitive Data Exposure vulnerability_CVE-2026-52696 Unauthenticated Sensitive Data Exposure in JetBlog	Jetimpex Inc.	JetBlog n/a	Jun 17, 2026	CVE
HIGH 7.1	CVE-2026-49778	WordPress WPFunnels Pro plugin <= 2.9.4 - Cross Site Scripting (XSS) vulnerability_CVE-2026-49778 Unauthenticated Cross Site Scripting (XSS) in WPFunnels Pro	WPFunnels	WPFunnels Pro n/a	Jun 17, 2026	CVE
CRITICAL 9.8	CVE-2026-49767	WordPress wpForo Forum plugin <= 3.1.0 - Broken Authentication vulnerability_CVE-2026-49767 Unauthenticated Broken Authentication in wpForo Forum	Tomdever	wpForo Forum n/a	Jun 17, 2026	CVE
CRITICAL 9.8	CVE-2026-49107	WordPress Thrive Apprentice plugin < 10.8.10.2 - PHP Object Injection vulnerability_CVE-2026-49107 Unauthenticated PHP Object Injection in Thrive Apprentice < 10.8.10.2 versions.	Thrive Themes	Thrive Apprentice n/a	Jun 17, 2026	CVE
CRITICAL 9.3	CVE-2026-49084	WordPress JetEngine plugin < 3.8.9.1 - SQL Injection vulnerability_CVE-2026-49084 Unauthenticated SQL Injection in JetEngine < 3.8.9.1 versions.	Jetimpex Inc.	JetEngine n/a	Jun 17, 2026	CVE
HIGH 8.2	CVE-2026-49081	WordPress User Registration Stripe plugin <= 1.3.12 - Broken Access Control vulnerability_CVE-2026-49081 Unauthenticated Broken Access Control in User Registration Stripe	ThemeGrill	User Registration Stripe n/a	Jun 17, 2026	CVE
CRITICAL 9.3	CVE-2026-49079	WordPress JetSearch plugin <= 3.5.17 - SQL Injection vulnerability_CVE-2026-49079 Unauthenticated SQL Injection in JetSearch	Jetimpex Inc.	JetSearch n/a	Jun 17, 2026	CVE
CRITICAL 9.3	CVE-2026-49076	WordPress JetEngine plugin <= 3.8.9.1 - SQL Injection vulnerability_CVE-2026-49076 Unauthenticated SQL Injection in JetEngine	Jetimpex Inc.	JetEngine n/a	Jun 17, 2026	CVE