CVSS - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
MEDIUM 5.3	CVE-2026-25440	WordPress Essential Addons for Elementor plugin < 6.6.0 - Broken Access Control vulnerability_CVE-2026-25440 Unauthenticated Broken Access Control in Essential Addons for Elementor < 6.6.0 versions.	WPDeveloper	Essential Addons for Elementor n/a	Jun 15, 2026	CVE
HIGH 7.5	CVE-2026-25425	WordPress User Registration plugin <= 5.1.2 - Broken Access Control vulnerability_CVE-2026-25425 Unauthenticated Broken Access Control in User Registration	ThemeGrill	User Registration n/a	Jun 15, 2026	CVE
HIGH 8.5	CVE-2026-24637	WordPress PowerPress Podcasting plugin <= 11.15.10 - SQL Injection vulnerability_CVE-2026-24637 Contributor SQL Injection in PowerPress Podcasting	Blubrry Podcasting	PowerPress Podcasting n/a	Jun 15, 2026	CVE
HIGH 7.1	CVE-2026-23970	WordPress Redirection for Contact Form 7 plugin <= 3.2.8 - Cross Site Scripting (XSS) vulnerability_CVE-2026-23970 Unauthenticated Cross Site Scripting (XSS) in Redirection for Contact Form 7	Themeisle	Redirection for Contact Form 7 n/a	Jun 15, 2026	CVE
MEDIUM 6.5	CVE-2025-69332	WordPress Bookify plugin <= 1.1.1 - Broken Access Control vulnerability_CVE-2025-69332 Subscriber Broken Access Control in Bookify	myCred	Bookify n/a	Jun 15, 2026	CVE
HIGH 7.1	CVE-2025-68872	WordPress Eli’s WordCents adSense Widget with Analytics plugin <= 1.3.03.27 - Reflected Cross Site Scripting (XSS) vulnerability_CVE-2025-68872 Unauthenticated Cross Site Scripting (XSS) in Eli's WordCents adSense Widget with Analytics	Eli	Eli's WordCents adSense Widget with Analytics n/a	Jun 15, 2026	CVE
HIGH 7.1	CVE-2025-68851	WordPress Okay Toolkit plugin <= 2.3 - Reflected Cross Site Scripting (XSS) vulnerability_CVE-2025-68851 Unauthenticated Cross Site Scripting (XSS) in Okay Toolkit	ArrayHQ	Okay Toolkit n/a	Jun 15, 2026	CVE
HIGH 7.1	CVE-2025-68840	WordPress iRobots.txt SEO plugin <= 1.1.2 - Reflected Cross Site Scripting (XSS) vulnerability_CVE-2025-68840 Unauthenticated Cross Site Scripting (XSS) in iRobots.txt SEO	markbeljaars	iRobots.txt SEO n/a	Jun 15, 2026	CVE
MEDIUM 6.3	CVE-2025-68049	WordPress bunny.net plugin <= 2.3.6 - Broken Access Control vulnerability_CVE-2025-68049 Subscriber Broken Access Control in bunny.net	bunny.net	bunny.net n/a	Jun 15, 2026	CVE
MEDIUM 4.4	CVE-2025-60175	WordPress PopAd Plugin <= 1.0.4 - Server Side Request Forgery (SSRF) Vulnerability_CVE-2025-60175 Administrator Server Side Request Forgery (SSRF) in PopAd	vynnus	PopAd n/a	Jun 15, 2026	CVE