Vulnerability - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
MEDIUM 6.8	CVE-2026-54196	WordPress JetFormBuilder plugin <= 3.6.1 - Privilege Escalation vulnerability_CVE-2026-54196 Subscriber Privilege Escalation in JetFormBuilder	Jetmonsters	JetFormBuilder n/a	Jun 17, 2026	CVE
HIGH 7.1	CVE-2026-54195	WordPress JetFormBuilder plugin <= 3.6.0.1 - Cross Site Scripting (XSS) vulnerability_CVE-2026-54195 Unauthenticated Cross Site Scripting (XSS) in JetFormBuilder	Jetmonsters	JetFormBuilder n/a	Jun 17, 2026	CVE
HIGH 7.1	CVE-2026-54192	WordPress Popup box plugin <= 6.2.9 - Reflected Cross Site Scripting (XSS) vulnerability_CVE-2026-54192 Unauthenticated Cross Site Scripting (XSS) in Popup box	Ays Pro	Popup box n/a	Jun 17, 2026	CVE
HIGH 7.1	CVE-2026-54189	WordPress JetEngine plugin <= 3.8.10 - Cross Site Scripting (XSS) vulnerability_CVE-2026-54189 Unauthenticated Cross Site Scripting (XSS) in JetEngine	Jetimpex Inc.	JetEngine n/a	Jun 17, 2026	CVE
HIGH 7.1	CVE-2026-54188	WordPress JetEngine plugin <= 3.8.10 - Cross Site Scripting (XSS) vulnerability_CVE-2026-54188 Unauthenticated Cross Site Scripting (XSS) in JetEngine	Jetimpex Inc.	JetEngine n/a	Jun 17, 2026	CVE
CRITICAL 9.3	CVE-2026-54187	WordPress JetEngine plugin <= 3.8.10.1 - SQL Injection vulnerability_CVE-2026-54187 Unauthenticated SQL Injection in JetEngine	Jetimpex Inc.	JetEngine n/a	Jun 17, 2026	CVE
CRITICAL 9.3	CVE-2026-54186	WordPress JobSearch plugin <= 3.2.9 - SQL Injection vulnerability_CVE-2026-54186 Unauthenticated SQL Injection in JobSearch	eyecix	JobSearch n/a	Jun 17, 2026	CVE
HIGH 8.5	CVE-2026-54185	WordPress Cornerstone plugin < 7.8.8 - SQL Injection vulnerability_CVE-2026-54185 Subscriber SQL Injection in Cornerstone < 7.8.8 versions.	THEMECO	Cornerstone n/a	Jun 17, 2026	CVE
HIGH 8.2	CVE-2026-54184	WordPress Clean Login plugin <= 1.15 - Insecure Direct Object References (IDOR) vulnerability_CVE-2026-54184 Unauthenticated Insecure Direct Object References (IDOR) in Clean Login	Alberto Hornero	Clean Login n/a	Jun 17, 2026	CVE
CRITICAL 9.8	CVE-2026-52706	WordPress JetEngine plugin <= 3.8.10 - PHP Object Injection vulnerability_CVE-2026-52706 Unauthenticated PHP Object Injection in JetEngine	Jetimpex Inc.	JetEngine n/a	Jun 17, 2026	CVE