Recent Advisories

Severity ID Title Vendor Product Date Type
HIGH 7.5 CVE-2026-5079

multer vulnerable to Denial of Service via deeply nested field names_CVE-2026-5079

Impact: multer versions 1.0.0 through 2.1.1 and 3.0.0-alpha.1 are vulnerable to a Denial of Service via deeply nested field names in multipart form...

multer multer 1.0.0 CVE
CRITICAL 10 CVE-2026-52704

WordPress WooCommerce PDF Invoice Builder plugin <= 2.0.8 - Remote Code Execution (RCE) vulnerability_CVE-2026-52704

Improper Control of Generation of Code ('Code Injection') vulnerability in Edgar Rojas WooCommerce PDF Invoice Builder allows Remote Code Inclusion...

Edgar Rojas WooCommerce PDF Invoice Builder n/a CVE
HIGH 8.8 CVE-2026-49111

WordPress Masteriyo – LMS plugin <= 2.2.0 - Privilege Escalation vulnerability_CVE-2026-49111

Incorrect Privilege Assignment vulnerability in ThemeGrill Masteriyo - LMS allows Privilege Escalation. This issue affects Masteriyo - LMS: from n...

ThemeGrill Masteriyo - LMS n/a CVE
HIGH 7.5 CVE-2026-49064

WordPress GetPaid plugin <= 2.8.49 - Sensitive Data Exposure vulnerability_CVE-2026-49064

Insertion of Sensitive Information Into Sent Data vulnerability in Stiofan GetPaid allows Retrieve Embedded Sensitive Data. This issue affects Get...

Stiofan GetPaid n/a CVE
HIGH 8.8 CVE-2026-49062

WordPress Faust.js plugin <= 1.8.7 - Broken Authentication vulnerability_CVE-2026-49062

Authentication Bypass Using an Alternate Path or Channel vulnerability in WP Engine Faust.Js allows Password Recovery Exploitation. This issue aff...

WP Engine Faust.js n/a CVE
MEDIUM 6.5 CVE-2026-48969

WordPress Really Simple SSL plugin <= 9.5.9 - Broken Access Control vulnerability_CVE-2026-48969

Subscriber Broken Access Control in Really Simple SSL

Really Simple Plugins B.V. Really Simple SSL n/a CVE
MEDIUM 6.5 CVE-2025-64215

WordPress MasterStudy LMS Pro plugin < 4.7.16 - Broken Access Control vulnerability_CVE-2025-64215

Missing Authorization vulnerability in StylemixThemes MasterStudy LMS Pro allows Accessing Functionality Not Properly Constrained by ACLs. This is...

StylemixThemes MasterStudy LMS Pro n/a CVE
NONE ED7FF4D6-F1DB-

xss-bypass-tester_ED7FF4D6-F1DB-56E3-A075-203EB0FB79EB

No description provided...

N/A N/A GITHUBEXPLOIT
NONE SCHNEIER:7723BF...

The FCC Wants to Eliminate Burner Phones_SCHNEIER:7723BF6584DCFB55D5E28C8CAF2C800F

A proposed FCC rule would kill burner phones: phones whose accounts are not attached to a particular person. > The FCC plans to do this by legally...

N/A N/A SCHNEIER
NONE THN:176069D623A...

The Onboarding Password Mistake That Creates Unnecessary Risk_THN:176069D623AC480202DBE3DCA4408A57

N/A N/A THN