Vulnerability - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
HIGH 8.8	CVE-2026-49268	Apache Shiro: LDAP DN Injection in DefaultLdapRealm_CVE-2026-49268 A remote attacker can inject LDAP special characters into the Distinguished Name (DN) construction in DefaultLdapRealm class. User-supplied usernam...	Apache Software Foundation	Apache Shiro	Jun 17, 2026	CVE
CRITICAL 9.8	CVE-2026-49108	WordPress Moderno theme < 1.43 - PHP Object Injection vulnerability_CVE-2026-49108 Unauthenticated PHP Object Injection in Moderno < 1.43 versions.	park_of_ideas	Moderno n/a	Jun 17, 2026	CVE
HIGH 8.1	CVE-2026-40757	WordPress Château theme <= 1.2.1 - PHP Object Injection vulnerability_CVE-2026-40757 Unauthenticated PHP Object Injection in Château	Mikado-Themes	Château n/a	Jun 17, 2026	CVE
HIGH 8.1	CVE-2026-40756	WordPress Zoya theme <= 1.4 - PHP Object Injection vulnerability_CVE-2026-40756 Unauthenticated PHP Object Injection in Zoya	Mikado-Themes	Zoya n/a	Jun 17, 2026	CVE
HIGH 8.1	CVE-2026-40752	WordPress Manufaktur Solutions theme <= 1.1.1 - PHP Object Injection vulnerability_CVE-2026-40752 Unauthenticated PHP Object Injection in Manufaktur Solutions	Select-Themes	Manufaktur Solutions n/a	Jun 17, 2026	CVE
HIGH 8.1	CVE-2026-40738	WordPress Eldon theme <= 1.4.1 - PHP Object Injection vulnerability_CVE-2026-40738 Unauthenticated PHP Object Injection in Eldon	Edge-Themes	Eldon n/a	Jun 17, 2026	CVE
HIGH 8.1	CVE-2026-40733	WordPress ShiftUp theme <= 1.3 - PHP Object Injection vulnerability_CVE-2026-40733 Unauthenticated PHP Object Injection in ShiftUp	Mikado-Themes	ShiftUp n/a	Jun 17, 2026	CVE
HIGH 7.1	CVE-2026-40720	WordPress Royal Elementor Addons Pro plugin < 1.7.1041 - Cross Site Scripting (XSS) vulnerability_CVE-2026-40720 Unauthenticated Cross Site Scripting (XSS) in Royal Elementor Addons Pro < 1.7.1041 versions.	Royal Elementor Addons	Royal Elementor Addons Pro n/a	Jun 17, 2026	CVE
HIGH 8.1	CVE-2026-39590	WordPress Atomlab theme <= 2.4.5 - Local File Inclusion vulnerability_CVE-2026-39590 Unauthenticated Local File Inclusion in Atomlab	ThemeMove	Atomlab n/a	Jun 17, 2026	CVE
HIGH 8.1	CVE-2026-39576	WordPress SingleMalt theme <= 1.5 - PHP Object Injection vulnerability_CVE-2026-39576 Unauthenticated PHP Object Injection in SingleMalt	Elated-Themes	SingleMalt n/a	Jun 17, 2026	CVE