Security - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
HIGH 8.8	CVE-2025-69138	WordPress Genemy theme <= 1.6.6 - Privilege Escalation vulnerability_CVE-2025-69138 Subscriber Privilege Escalation in Genemy	Jthemes	Genemy n/a	Jun 17, 2026	CVE
HIGH 8.5	CVE-2025-69135	WordPress Events Schedule – WordPress Events Calendar Plugin plugin <= 2.7.2 - SQL Injection vulnerability_CVE-2025-69135 Subscriber SQL Injection in Events Schedule - WordPress Events Calendar Plugin	CurlyThemes	Events Schedule - WordPress Events Calendar Plugin n/a	Jun 17, 2026	CVE
CRITICAL 10	CVE-2025-69129	WordPress WordPress & WooCommerce Scraper Plugin, Import Data from Any Site plugin <= 1.0.7 - Arbitrary File Upload vulnerability_CVE-2025-69129 Unauthenticated Arbitrary File Upload in WordPress & WooCommerce Scraper Plugin, Import Data from Any Site	Extendons	WordPress & WooCommerce Scraper Plugin, Import Data from Any Site n/a	Jun 17, 2026	CVE
HIGH 8.1	CVE-2025-69117	WordPress Ingenioso theme <= 1.14.0 - Local File Inclusion vulnerability_CVE-2025-69117 Unauthenticated Local File Inclusion in Ingenioso	ThemeREX	Ingenioso n/a	Jun 17, 2026	CVE
HIGH 8.1	CVE-2025-69110	WordPress AirSupply theme <= 2.0.0 - Local File Inclusion vulnerability_CVE-2025-69110 Unauthenticated Local File Inclusion in AirSupply	ThemeREX	AirSupply n/a	Jun 17, 2026	CVE
HIGH 7.7	CVE-2025-60223	WordPress WPBot Pro WordPress Chatbot plugin <= 13.6.5 - Arbitrary File Deletion vulnerability_CVE-2025-60223 Subscriber Arbitrary File Deletion in WPBot Pro Wordpress Chatbot	QuantumCloud	WPBot Pro Wordpress Chatbot n/a	Jun 17, 2026	CVE
CRITICAL 9.9	CVE-2025-60218	WordPress PT Luxa Addons Plugin <= 1.2.2 - Arbitrary File Upload Vulnerability_CVE-2025-60218 Subscriber Arbitrary File Upload in PT Luxa Addons	WPLocker	PT Luxa Addons n/a	Jun 17, 2026	CVE
CRITICAL 9.8	CVE-2025-60205	WordPress ThemeREX Addons plugin <= 2.36.1.1 - PHP Object Injection vulnerability_CVE-2025-60205 Unauthenticated PHP Object Injection in ThemeREX Addons	ThemeREX	ThemeREX Addons n/a	Jun 17, 2026	CVE
HIGH 8.8	CVE-2025-59563	WordPress Sonaar theme <= 4.27.4 - Privilege Escalation vulnerability_CVE-2025-59563 Subscriber Privilege Escalation in Sonaar	SONAAR MUSIC	Sonaar n/a	Jun 17, 2026	CVE
HIGH 7.1	CVE-2025-59560	WordPress Sonaar theme <= 4.27.4 - Cross Site Scripting (XSS) vulnerability_CVE-2025-59560 Unauthenticated Cross Site Scripting (XSS) in Sonaar	SONAAR MUSIC	Sonaar n/a	Jun 17, 2026	CVE