Vulnerability - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
HIGH 7.1	CVE-2026-48876	WordPress Stop Spammers plugin <= 2026.3 - Cross Site Scripting (XSS) vulnerability_CVE-2026-48876 Unauthenticated Cross Site Scripting (XSS) in Stop Spammers	Web Guy	Stop Spammers n/a	Jun 15, 2026	CVE
HIGH 8.5	CVE-2026-48874	WordPress GamiPress plugin <= 7.8.7 - SQL Injection vulnerability_CVE-2026-48874 Subscriber SQL Injection in GamiPress	Ruben Garcia	GamiPress n/a	Jun 15, 2026	CVE
HIGH 7.5	CVE-2026-48873	WordPress Montonio for WooCommerce plugin <= 10.1.2 - Broken Access Control vulnerability_CVE-2026-48873 Unauthenticated Broken Access Control in Montonio for WooCommerce	Montonio	Montonio for WooCommerce n/a	Jun 15, 2026	CVE
HIGH 7.5	CVE-2026-48872	WordPress EmbedPress plugin <= 4.5.2 - Sensitive Data Exposure vulnerability_CVE-2026-48872 Unauthenticated Sensitive Data Exposure in EmbedPress	WPDeveloper	EmbedPress n/a	Jun 15, 2026	CVE
HIGH 7.1	CVE-2026-48871	WordPress MW WP Form plugin <= 5.1.3 - Cross Site Scripting (XSS) vulnerability_CVE-2026-48871 Unauthenticated Cross Site Scripting (XSS) in MW WP Form	Takashi Kitajima	MW WP Form n/a	Jun 15, 2026	CVE
MEDIUM 6.5	CVE-2026-48870	WordPress King Addons for Elementor plugin <= 51.1.62 - Cross Site Scripting (XSS) vulnerability_CVE-2026-48870 Subscriber Cross Site Scripting (XSS) in King Addons for Elementor	King Addons	King Addons for Elementor n/a	Jun 15, 2026	CVE
HIGH 7.5	CVE-2026-48868	WordPress Simple Shopping Cart plugin <= 5.2.9 - Insecure Direct Object References (IDOR) vulnerability_CVE-2026-48868 Unauthenticated Insecure Direct Object References (IDOR) in Simple Shopping Cart	mra13 / Team Tips and Tricks HQ	Simple Shopping Cart n/a	Jun 15, 2026	CVE
HIGH 7.1	CVE-2026-48867	WordPress Quiz And Survey Master plugin <= 11.1.2 - Cross Site Scripting (XSS) vulnerability_CVE-2026-48867 Unauthenticated Cross Site Scripting (XSS) in Quiz And Survey Master	ExpressTech	Quiz And Survey Master n/a	Jun 15, 2026	CVE
HIGH 7.1	CVE-2026-48838	WordPress Post SMTP plugin <= 3.6.2 - Cross Site Scripting (XSS) vulnerability_CVE-2026-48838 Unauthenticated Cross Site Scripting (XSS) in Post SMTP	WPExperts	Post SMTP n/a	Jun 15, 2026	CVE
CRITICAL 10	CVE-2026-48836	WordPress Easy Invoice plugin <= 2.1.19 - Remote Code Execution (RCE) vulnerability_CVE-2026-48836 Unauthenticated Remote Code Execution (RCE) in Easy Invoice	MantraBrain	Easy Invoice n/a	Jun 15, 2026	CVE