HIGH - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
HIGH 8.8	8B9B93FC-8C77-	Exploit for CVE-2026-5415_8B9B93FC-8C77-5E42-B472-87FA60C69926 CVE-2026-5415 CVE-2026-5415 WP Captcha PRO Authenticated Authentication Bypass Exploit...	N/A	N/A	Jun 17, 2026	GITHUBEXPLOIT
HIGH 7.5	64C268B8-DAA9-	Exploit for CVE-2026-49083_64C268B8-DAA9-5742-A8DC-477457B77A6F CVE-2026-49083 CVE-2026-49083 LatePoint Calendar Booking Plugin Privilege Escalation Exploit...	N/A	N/A	Jun 17, 2026	GITHUBEXPLOIT
HIGH 8.8	CVE-2026-12165	Contest Gallery <= 30.0.2 - Authenticated (Author+) Privilege Escalation via 'RegistryUserRole' Parameter_CVE-2026-12165 The Contest Gallery – Upload & Vote Photos, Media, Sell with PayPal & Stripe plugin for WordPress is vulnerable to Privilege Escalation in all vers...	contest-gallery	Contest Gallery – Upload & Vote Photos, Media, Sell with PayPal & Stripe	Jun 17, 2026	CVE
HIGH 7.5	CVE-2026-12199	Unauthenticated Denial of Service in nltk.app.wordnet_app_CVE-2026-12199 A vulnerability in `nltk.app.wordnet_app` up to version 3.9.3 allows unauthenticated remote shutdown of the local WordNet Browser HTTP server when ...	nltk	nltk/nltk unspecified	Jun 17, 2026	CVE
HIGH 8.8	E87C990D-9E3C-	Exploit for Improper Restriction of Names for Files and Other Resources in Microsoft_E87C990D-9E3C-5866-9E3D-36C66A9C5EEF cve-id ⚡ Simple Usage Use this project only in safe and authorized environments such as: - Local virtual machines - Docker containers - Isolated l...	N/A	N/A	Jun 17, 2026	GITHUBEXPLOIT
HIGH 7.2	CVE-2026-53876	CVE-2026-53876_CVE-2026-53876 RadiX AX6600 WiFi 6 Tri-Band Gaming Router contains an OS command injection vulnerability, which may lead to arbitrary command execution with the r...	Micro-Star International Co., Ltd.	RadiX AX6600 WiFi 6 Tri-Band Gaming Router firmware versions prior to v781521	Jun 17, 2026	CVE
HIGH 7.5	CVE-2026-12360	JetEngine <= 3.8.10.1 - Unauthenticated SQL Injection via Listing Grid Load More AJAX Endpoint_CVE-2026-12360 The JetEngine plugin for WordPress is vulnerable to SQL injection in all versions up to and including 3.8.10.1. The listing_load_more AJAX handler ...	Crocoblock	JetEngine	Jun 17, 2026	CVE
HIGH 8.7	541019B7-F4D6-	Exploit for OS Command Injection in Cisco Nx-Os_541019B7-F4D6-59F7-8E15-0CD67C424E98 CVE-2024-20399 ⚡ Simple Usage Use this project only in safe and authorized environments such as: - Local virtual machines - Docker containers - Is...	N/A	N/A	Jun 17, 2026	GITHUBEXPLOIT
HIGH 8.5	CVE-2026-49113	WordPress Cornerstone plugin < 7.8.8 - Arbitrary Code Execution vulnerability_CVE-2026-49113 Subscriber Arbitrary Code Execution in Cornerstone < 7.8.8 versions.	THEMECO	Cornerstone n/a	Jun 16, 2026	CVE
HIGH 8.5	CVE-2026-49073	WordPress Directorist Booking plugin <= 3.0.3 - SQL Injection vulnerability_CVE-2026-49073 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in wpWax Directorist Booking allows Blind SQL In...	wpWax	Directorist Booking n/a	Jun 16, 2026	CVE