Vulnerability - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
HIGH 7.1	CVE-2026-56005	WordPress WP Activity Log plugin <= 5.6.3.1 - Cross Site Scripting (XSS) vulnerability_CVE-2026-56005 Subscriber Cross Site Scripting (XSS) in WP Activity Log	Melapress	WP Activity Log n/a	Jun 25, 2026	CVE
CRITICAL 9.3	CVE-2026-54849	WordPress Premmerce Wishlist for WooCommerce plugin <= 1.1.11 - SQL Injection vulnerability_CVE-2026-54849 Unauthenticated SQL Injection in Premmerce Wishlist for WooCommerce	Premmerce	Premmerce Wishlist for WooCommerce 1.1.11	Jun 25, 2026	CVE
HIGH 8.3	CVE-2026-54848	WordPress APIExperts Square for WooCommerce plugin <= 4.7.3 - Sensitive Data Exposure vulnerability_CVE-2026-54848 Insertion of Sensitive Information Into Sent Data vulnerability in Saad Iqbal APIExperts Square for WooCommerce allows Retrieve Embedded Sensitive ...	Saad Iqbal	APIExperts Square for WooCommerce n/a	Jun 25, 2026	CVE
HIGH 8.1	CVE-2026-54845	WordPress MDTF plugin <= 1.3.8 - Local File Inclusion vulnerability_CVE-2026-54845 Unauthenticated Local File Inclusion in MDTF	PluginUs.Net	MDTF n/a	Jun 25, 2026	CVE
HIGH 7.5	CVE-2026-54844	WordPress CheckView Automated Testing plugin <= 2.1.0 - Broken Access Control vulnerability_CVE-2026-54844 Unauthenticated Broken Access Control in CheckView Automated Testing	CheckView	CheckView Automated Testing n/a	Jun 25, 2026	CVE
CRITICAL 9.3	CVE-2026-54843	WordPress MDTF plugin <= 1.3.7 - SQL Injection vulnerability_CVE-2026-54843 Unauthenticated SQL Injection in MDTF	PluginUs.Net	MDTF n/a	Jun 25, 2026	CVE
HIGH 8.1	CVE-2026-54842	WordPress Royal MCP plugin <= 1.4.25 - Broken Access Control vulnerability_CVE-2026-54842 Missing Authorization vulnerability in Royal Plugins Royal MCP allows Exploiting Incorrectly Configured Access Control Security Levels. This issue...	Royal Plugins	Royal MCP n/a	Jun 25, 2026	CVE
HIGH 7.5	CVE-2026-54841	WordPress Vitepos plugin <= 3.4.2 - Sensitive Data Exposure vulnerability_CVE-2026-54841 Unauthenticated Sensitive Data Exposure in Vitepos	Appsbd	Vitepos n/a	Jun 25, 2026	CVE
HIGH 8.5	CVE-2026-54838	WordPress WC Vendors Marketplace plugin <= 2.6.8 - SQL Injection vulnerability_CVE-2026-54838 Subscriber SQL Injection in WC Vendors Marketplace	Rymera Web Co	WC Vendors Marketplace n/a	Jun 25, 2026	CVE
CRITICAL 9.3	CVE-2026-54836	WordPress Filter & Grids plugin <= 3.11.5 - SQL Injection vulnerability_CVE-2026-54836 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in YMC Filter allows SQL Injection. This issue ...	YMC	YMC Filter n/a	Jun 25, 2026	CVE