CVE - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
NONE	SCHNEIER:325D80...	Flock Cameras Are Being Used for Stalking_SCHNEIER:325D80C26916934E28A1A48C7DC29672 There are over a dozen cases around the country where police officers are using the Flock surveillance camera system to obsessively and illegally s...	N/A	N/A	Jun 16, 2026	SCHNEIER
HIGH 8.1	CVE-2026-8442	WP Review Slider Pro <= 12.6.8 - Authenticated (Subscriber+) Arbitrary File Deletion via 'myaction' Parameter_CVE-2026-8442 The WP Review Slider Pro plugin for WordPress is vulnerable to Arbitrary File Deletion in versions up to and including 12.6.8. This is due to missi...	https://wpreviewslider.com/	WP Review Slider Pro	Jun 16, 2026	CVE
HIGH 7.5	CVE-2026-8176	LatePoint <= 5.5.1 - Authenticated (Agent+) Privilege Escalation to Administrator via IDOR in OsOrdersController::create_or_update + Unauthenticated Customer-Cabinet Password Reset_CVE-2026-8176 The LatePoint – Calendar Booking Plugin for Appointments and Events plugin for WordPress is vulnerable to Privilege Escalation to Administrator in ...	latepoint	LatePoint – Calendar Booking Plugin for Appointments and Events	Jun 16, 2026	CVE
HIGH 8.8	CVE-2026-5416	Command Injection via name parameter_CVE-2026-5416 Due to the improper neutralization of special elements used in a name parameter a low privileged remote attacker can exploit a command injection vu...	TURCK	TBEN-LL-SE-M2 0.0.0	Jun 16, 2026	CVE
HIGH 7.1	CVE-2026-54198	WordPress Media LIbrary Assistant plugin <= 3.35 - Reflected Cross Site Scripting (XSS) vulnerability_CVE-2026-54198 Unauthenticated Cross Site Scripting (XSS) in Media LIbrary Assistant	David Lingren	Media LIbrary Assistant n/a	Jun 16, 2026	CVE
MEDIUM 6.5	CVE-2026-54197	WordPress GetGenie plugin <= 4.4.1 - Sensitive Data Exposure vulnerability_CVE-2026-54197 Unauthenticated Sensitive Data Exposure in GetGenie	Wpmet	GetGenie n/a	Jun 16, 2026	CVE
HIGH 7.1	CVE-2026-54191	WordPress Pods plugin <= 3.3.8 - Cross Site Scripting (XSS) vulnerability_CVE-2026-54191 Unauthenticated Cross Site Scripting (XSS) in Pods	Pods Framework	Pods n/a	Jun 16, 2026	CVE
MEDIUM 6.5	CVE-2026-54190	WordPress Envira Photo Gallery plugin <= 1.12.5 - Broken Access Control vulnerability_CVE-2026-54190 Unauthenticated Broken Access Control in Envira Photo Gallery	Awesomemotive	Envira Photo Gallery n/a	Jun 16, 2026	CVE
CRITICAL 9.3	CVE-2026-52715	WordPress GEO my WordPress plugin <= 4.5.5 - SQL Injection vulnerability_CVE-2026-52715 Unauthenticated SQL Injection in GEO my WordPress	Eyal Fitoussi	GEO my WordPress n/a	Jun 16, 2026	CVE
HIGH 7.5	CVE-2026-52714	WordPress SEO Plugin by Squirrly SEO plugin <= 12.4.16 - Broken Access Control vulnerability_CVE-2026-52714 Unauthenticated Broken Access Control in SEO Plugin by Squirrly SEO	SEO Squirrly	SEO Plugin by Squirrly SEO n/a	Jun 16, 2026	CVE