Security - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
MEDIUM 6.4	CVE-2026-56026	WordPress utm.codes plugin <= 1.9.0 - Server Side Request Forgery (SSRF) vulnerability_CVE-2026-56026 Subscriber Server Side Request Forgery (SSRF) in utm.codes	Chris Carlevato	utm.codes n/a	Jun 26, 2026	CVE
HIGH 7.5	CVE-2026-56025	WordPress Paymob for WooCommerce plugin <= 4.1.2 - Broken Access Control vulnerability_CVE-2026-56025 Unauthenticated Broken Access Control in Paymob for WooCommerce	Paymob	Paymob for WooCommerce n/a	Jun 26, 2026	CVE
HIGH 7.1	CVE-2026-56011	WordPress MapPress Maps for WordPress plugin <= 2.97.3 - Cross Site Scripting (XSS) vulnerability_CVE-2026-56011 Unauthenticated Cross Site Scripting (XSS) in MapPress Maps for WordPress	chrisvrichardson	MapPress Maps for WordPress n/a	Jun 26, 2026	CVE
HIGH 8.8	CVE-2026-56010	WordPress Abandoned Cart Pro for WooCommerce plugin <= 10.4.0 - Privilege Escalation vulnerability_CVE-2026-56010 Subscriber Privilege Escalation in Abandoned Cart Pro for WooCommerce	Tyche Softwares.	Abandoned Cart Pro for WooCommerce n/a	Jun 26, 2026	CVE
HIGH 8.8	CVE-2026-56008	WordPress Fusion Builder plugin <= 3.15.4 - Privilege Escalation vulnerability_CVE-2026-56008 Contributor Privilege Escalation in Fusion Builder	ThemeFusion	Fusion Builder n/a	Jun 26, 2026	CVE
HIGH 7.5	CVE-2026-54847	WordPress Stylish Cost Calculator plugin <= 8.3.9 - Broken Access Control vulnerability_CVE-2026-54847 Unauthenticated Broken Access Control in Stylish Cost Calculator	Design	Stylish Cost Calculator n/a	Jun 26, 2026	CVE
HIGH 7.5	CVE-2026-54846	WordPress Syncee Premium Dropshipping & Wholesale plugin <= 1.0.27 - Broken Access Control vulnerability_CVE-2026-54846 Unauthenticated Broken Access Control in Syncee Premium Dropshipping & Wholesale	akosglys	Syncee Premium Dropshipping & Wholesale n/a	Jun 26, 2026	CVE
HIGH 7.3	CVE-2026-54840	WordPress Newsletters plugin <= 4.13 - Broken Access Control vulnerability_CVE-2026-54840 Unauthenticated Broken Access Control in Newsletters	Tribulant Software	Newsletters n/a	Jun 26, 2026	CVE
HIGH 7.5	CVE-2026-54839	WordPress Trinity Backup – Backup, Migrate, Restore, Clone & Schedule Backups plugin <= 2.0.9 - Sensitive Data Exposure vulnerability_CVE-2026-54839 Unauthenticated Sensitive Data Exposure in Trinity Backup – Backup, Migrate, Restore, Clone & Schedule Backups	kingaddons	Trinity Backup – Backup, Migrate, Restore, Clone & Schedule Backups n/a	Jun 26, 2026	CVE
HIGH 7.5	CVE-2026-54837	WordPress Intranet & Private Site – All-In-One Intranet plugin <= 1.8.1 - Broken Access Control vulnerability_CVE-2026-54837 Unauthenticated Broken Access Control in Intranet & Private Site – All-In-One Intranet	Syed Balkhi	Intranet & Private Site – All-In-One Intranet n/a	Jun 26, 2026	CVE