CVSS - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
CRITICAL 9.3	CVE-2026-45439	WordPress Realtyna Organic IDX plugin plugin <= 5.1.0 - SQL Injection vulnerability_CVE-2026-45439 Unauthenticated SQL Injection in Realtyna Organic IDX plugin	Realtyna	Realtyna Organic IDX plugin n/a	Jun 15, 2026	CVE
HIGH 7.1	CVE-2026-45437	WordPress Product Filter Widget for Elementor plugin <= 1.0.6 - Cross Site Scripting (XSS) vulnerability_CVE-2026-45437 Unauthenticated Cross Site Scripting (XSS) in Product Filter Widget for Elementor	Bhavin Thummar	Product Filter Widget for Elementor n/a	Jun 15, 2026	CVE
HIGH 7.1	CVE-2026-42775	WordPress AutomatorWP plugin <= 5.7.2 - Cross Site Scripting (XSS) vulnerability_CVE-2026-42775 Unauthenticated Cross Site Scripting (XSS) in AutomatorWP	Ruben Garcia	AutomatorWP n/a	Jun 15, 2026	CVE
MEDIUM 6.5	CVE-2026-42752	WordPress Stripe Payments plugin <= 2.0.98 - Bypass Vulnerability vulnerability_CVE-2026-42752 Unauthenticated Bypass Vulnerability in Stripe Payments	mra13 / Team Tips and Tricks HQ	Stripe Payments n/a	Jun 15, 2026	CVE
MEDIUM 6.5	CVE-2026-42743	WordPress Masteriyo – LMS plugin <= 2.1.8 - Broken Authentication vulnerability_CVE-2026-42743 Unauthenticated Broken Authentication in Masteriyo - LMS	ThemeGrill	Masteriyo - LMS n/a	Jun 15, 2026	CVE
MEDIUM 6.5	CVE-2026-42688	WordPress Modula Image Gallery plugin <= 2.14.23 - Cross Site Scripting (XSS) vulnerability_CVE-2026-42688 Subscriber Cross Site Scripting (XSS) in Modula Image Gallery	WP Chill	Modula Image Gallery n/a	Jun 15, 2026	CVE
HIGH 8.1	CVE-2026-42687	WordPress EventPrime plugin <= 4.3.2.1 - PHP Object Injection vulnerability_CVE-2026-42687 Unauthenticated PHP Object Injection in EventPrime	EventPrime	EventPrime n/a	Jun 15, 2026	CVE
HIGH 7.1	CVE-2026-42686	WordPress EventPrime plugin <= 4.3.2.1 - Cross Site Scripting (XSS) vulnerability_CVE-2026-42686 Subscriber Cross Site Scripting (XSS) in EventPrime	EventPrime	EventPrime n/a	Jun 15, 2026	CVE
HIGH 7.5	CVE-2026-42668	WordPress Email Marketing for WooCommerce by Omnisend plugin <= 1.18.0 - Broken Authentication vulnerability_CVE-2026-42668 Unauthenticated Broken Authentication in Email Marketing for WooCommerce by Omnisend	Omnisend	Email Marketing for WooCommerce by Omnisend n/a	Jun 15, 2026	CVE
HIGH 7.5	CVE-2026-42667	WordPress Bookly plugin <= 27.4 - Sensitive Data Exposure vulnerability_CVE-2026-42667 Unauthenticated Sensitive Data Exposure in Bookly	Bookly	Bookly n/a	Jun 15, 2026	CVE