Security - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
CRITICAL 9.9	CVE-2026-40748	WordPress Kids Gift Shop theme <= 0.5.4 - Arbitrary File Upload vulnerability_CVE-2026-40748 Subscriber Arbitrary File Upload in Kids Gift Shop	themagnifico52	Kids Gift Shop n/a	Jun 17, 2026	CVE
CRITICAL 9.9	CVE-2026-40747	WordPress Ecommerce Zone theme <= 0.9.7 - Arbitrary File Upload vulnerability_CVE-2026-40747 Subscriber Arbitrary File Upload in Ecommerce Zone	themagnifico52	Ecommerce Zone 0.9.7	Jun 17, 2026	CVE
CRITICAL 9.9	CVE-2026-40746	WordPress Restaurant Zone theme <= 0.7.8 - Arbitrary File Upload vulnerability_CVE-2026-40746 Subscriber Arbitrary File Upload in Restaurant Zone	themagnifico52	Restaurant Zone n/a	Jun 17, 2026	CVE
HIGH 8.1	CVE-2026-40735	WordPress Reina theme <= 2.1 - PHP Object Injection vulnerability_CVE-2026-40735 Unauthenticated PHP Object Injection in Reina	Edge-Themes	Reina n/a	Jun 17, 2026	CVE
HIGH 8.1	CVE-2026-40731	WordPress ChapterOne theme <= 1.7 - Local File Inclusion vulnerability_CVE-2026-40731 Unauthenticated Local File Inclusion in ChapterOne	Mikado-Themes	ChapterOne n/a	Jun 17, 2026	CVE
HIGH 8.2	CVE-2026-40726	WordPress User Registration Stripe plugin <= 1.3.14 - Broken Access Control vulnerability_CVE-2026-40726 Unauthenticated Broken Access Control in User Registration Stripe	ThemeGrill	User Registration Stripe n/a	Jun 17, 2026	CVE
CRITICAL 9.8	CVE-2026-40725	WordPress WooCommerce Product Filters plugin < 2.0.6 - PHP Object Injection vulnerability_CVE-2026-40725 Unauthenticated PHP Object Injection in WooCommerce Product Filters < 2.0.6 versions.	Barn2 Media Ltd	WooCommerce Product Filters n/a	Jun 17, 2026	CVE
MEDIUM 6.5	CVE-2026-40724	WordPress Client Portal (Pro) plugin <= 5.6.2 - Arbitrary File Download vulnerability_CVE-2026-40724 CP Client Arbitrary File Download in Client Portal (Pro)	Client Portal Ltd.	Client Portal (Pro) n/a	Jun 17, 2026	CVE
MEDIUM 4.3	CVE-2026-40723	WordPress Bricks Builder theme <= 2.1.4 - Broken Access Control vulnerability_CVE-2026-40723 Subscriber Broken Access Control in Bricks Builder	Bricks	Bricks Builder n/a	Jun 17, 2026	CVE
HIGH 7.5	CVE-2026-40721	WordPress Element Pack Pro plugin <= 9.0.6 - Local File Inclusion vulnerability_CVE-2026-40721 Contributor Local File Inclusion in Element Pack Pro	BdThemes	Element Pack Pro n/a	Jun 17, 2026	CVE