Vulnerability - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
MEDIUM 6.5	CVE-2026-49072	WordPress WooCommerce Anti-Fraud plugin <= 7.2.6 - Broken Access Control vulnerability_CVE-2026-49072 Unauthenticated Broken Access Control in WooCommerce Anti-Fraud	OPMC	WooCommerce Anti-Fraud n/a	Jun 17, 2026	CVE
MEDIUM 6.5	CVE-2026-49071	WordPress WooCommerce Dropshipping plugin <= 5.2.4 - Broken Authentication vulnerability_CVE-2026-49071 Unauthenticated Broken Authentication in WooCommerce Dropshipping	OPMC	WooCommerce Dropshipping n/a	Jun 17, 2026	CVE
CRITICAL 9.8	CVE-2026-49058	WordPress LoginPress Pro plugin <= 6.2.2 - Privilege Escalation vulnerability_CVE-2026-49058 Unauthenticated Privilege Escalation in LoginPress Pro	LoginPress	LoginPress Pro n/a	Jun 17, 2026	CVE
HIGH 8.5	CVE-2026-48967	WordPress Geo Mashup plugin <= 1.13.19 - SQL Injection vulnerability_CVE-2026-48967 Subscriber SQL Injection in Geo Mashup	Dylan Kuhn	Geo Mashup n/a	Jun 17, 2026	CVE
CRITICAL 9.3	CVE-2026-48875	WordPress JetSmartFilters plugin <= 3.8.1 - SQL Injection vulnerability_CVE-2026-48875 Unauthenticated SQL Injection in JetSmartFilters	Jetimpex Inc.	JetSmartFilters n/a	Jun 17, 2026	CVE
MEDIUM 6.5	CVE-2026-45436	WordPress WPBakery Page Builder plugin <= 8.7.2 - Broken Access Control vulnerability_CVE-2026-45436 Subscriber Broken Access Control in WPBakery Page Builder	Rain-Task Ltd.	WPBakery Page Builder n/a	Jun 17, 2026	CVE
HIGH 8.8	CVE-2026-42629	WordPress PowerPack Pro for Elementor plugin < v2.13.0 - Broken Authentication vulnerability_CVE-2026-42629 Unauthenticated Broken Authentication in PowerPack Pro for Elementor < v2.13.0 versions.	Powerpackelements	PowerPack Pro for Elementor n/a	Jun 17, 2026	CVE
HIGH 7.1	CVE-2026-42385	WordPress Profile Builder Pro plugin <= 3.15.0 - Cross Site Scripting (XSS) vulnerability_CVE-2026-42385 Unauthenticated Cross Site Scripting (XSS) in Profile Builder Pro	Cozmoslabs	Profile Builder Pro n/a	Jun 17, 2026	CVE
CRITICAL 9.8	CVE-2026-42380	WordPress AI Lab theme < 5.4.2 - PHP Object Injection vulnerability_CVE-2026-42380 Unauthenticated PHP Object Injection in AI Lab < 5.4.2 versions.	jwsthemes	AI Lab n/a	Jun 17, 2026	CVE
HIGH 7.1	CVE-2026-41557	WordPress Kapee theme < 1.7.1 - Cross Site Scripting (XSS) vulnerability_CVE-2026-41557 Unauthenticated Cross Site Scripting (XSS) in Kapee < 1.7.1 versions.	PressLayouts	Kapee n/a	Jun 17, 2026	CVE