CVSS - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
HIGH 7.1	CVE-2026-5233	Missing Rate Limiting in Mia Technologies’ Pizzy Library_CVE-2026-5233 Improper Control of Interaction Frequency vulnerability in MIA Technology Inc. Pizzy Library allows Flooding. This issue affects Pizzy Library: fr...	MIA Technology Inc.	Pizzy Library 1.0.0.26250	Jun 15, 2026	CVE
HIGH 7.1	CVE-2026-5230	Improper Access Control in Mia Technologies’ Pizzy Library_CVE-2026-5230 Improper Access Control, Missing Authorization vulnerability in MIA Technology Inc. Pizzy Library allows Exploiting Incorrectly Configured Access C...	MIA Technology Inc.	Pizzy Library 1.0.0.26250	Jun 15, 2026	CVE
HIGH 7.5	CVE-2026-5079	multer vulnerable to Denial of Service via deeply nested field names_CVE-2026-5079 Impact: multer versions 1.0.0 through 2.1.1 and 3.0.0-alpha.1 are vulnerable to a Denial of Service via deeply nested field names in multipart form...	multer	multer 1.0.0	Jun 15, 2026	CVE
CRITICAL 10	CVE-2026-52704	WordPress WooCommerce PDF Invoice Builder plugin <= 2.0.8 - Remote Code Execution (RCE) vulnerability_CVE-2026-52704 Improper Control of Generation of Code ('Code Injection') vulnerability in Edgar Rojas WooCommerce PDF Invoice Builder allows Remote Code Inclusion...	Edgar Rojas	WooCommerce PDF Invoice Builder n/a	Jun 15, 2026	CVE
HIGH 8.8	CVE-2026-49111	WordPress Masteriyo – LMS plugin <= 2.2.0 - Privilege Escalation vulnerability_CVE-2026-49111 Incorrect Privilege Assignment vulnerability in ThemeGrill Masteriyo - LMS allows Privilege Escalation. This issue affects Masteriyo - LMS: from n...	ThemeGrill	Masteriyo - LMS n/a	Jun 15, 2026	CVE
HIGH 7.5	CVE-2026-49064	WordPress GetPaid plugin <= 2.8.49 - Sensitive Data Exposure vulnerability_CVE-2026-49064 Insertion of Sensitive Information Into Sent Data vulnerability in Stiofan GetPaid allows Retrieve Embedded Sensitive Data. This issue affects Get...	Stiofan	GetPaid n/a	Jun 15, 2026	CVE
HIGH 8.8	CVE-2026-49062	WordPress Faust.js plugin <= 1.8.7 - Broken Authentication vulnerability_CVE-2026-49062 Authentication Bypass Using an Alternate Path or Channel vulnerability in WP Engine Faust.Js allows Password Recovery Exploitation. This issue aff...	WP Engine	Faust.js n/a	Jun 15, 2026	CVE
MEDIUM 6.5	CVE-2026-48969	WordPress Really Simple SSL plugin <= 9.5.9 - Broken Access Control vulnerability_CVE-2026-48969 Subscriber Broken Access Control in Really Simple SSL	Really Simple Plugins B.V.	Really Simple SSL n/a	Jun 15, 2026	CVE
MEDIUM 6.5	CVE-2025-64215	WordPress MasterStudy LMS Pro plugin < 4.7.16 - Broken Access Control vulnerability_CVE-2025-64215 Missing Authorization vulnerability in StylemixThemes MasterStudy LMS Pro allows Accessing Functionality Not Properly Constrained by ACLs. This is...	StylemixThemes	MasterStudy LMS Pro n/a	Jun 15, 2026	CVE
NONE	ED7FF4D6-F1DB-	xss-bypass-tester_ED7FF4D6-F1DB-56E3-A075-203EB0FB79EB No description provided...	N/A	N/A	Jun 15, 2026	GITHUBEXPLOIT