CVE - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
CRITICAL 9.8	CVE-2025-69179	WordPress Support Ticket Management System plugin <= 1.9 - Privilege Escalation vulnerability_CVE-2025-69179 Unauthenticated Privilege Escalation in Support Ticket Management System	Theme passion	Support Ticket Management System n/a	Jun 17, 2026	CVE
HIGH 8.1	CVE-2025-69173	WordPress Tipsy theme <= 1.1 - Local File Inclusion vulnerability_CVE-2025-69173 Unauthenticated Local File Inclusion in Tipsy	ThemeREX	Tipsy n/a	Jun 17, 2026	CVE
HIGH 8.1	CVE-2025-69172	WordPress Resurs theme <= 1.3 - Local File Inclusion vulnerability_CVE-2025-69172 Unauthenticated Local File Inclusion in Resurs	ThemeREX	Resurs n/a	Jun 17, 2026	CVE
HIGH 8.1	CVE-2025-69171	WordPress Orpheus theme <= 1.3 - Local File Inclusion vulnerability_CVE-2025-69171 Unauthenticated Local File Inclusion in Orpheus	ThemeREX	Orpheus n/a	Jun 17, 2026	CVE
HIGH 8.1	CVE-2025-69161	WordPress Snowy theme <= 1.13 - Local File Inclusion vulnerability_CVE-2025-69161 Unauthenticated Local File Inclusion in Snowy	ThemeREX	Snowy n/a	Jun 17, 2026	CVE
HIGH 8.1	CVE-2025-69148	WordPress Quirky theme <= 1.23 - Local File Inclusion vulnerability_CVE-2025-69148 Unauthenticated Local File Inclusion in Quirky	ThemeREX	Quirky n/a	Jun 17, 2026	CVE
HIGH 8.1	CVE-2025-69145	WordPress Gat theme <= 1.16 - Local File Inclusion vulnerability_CVE-2025-69145 Unauthenticated Local File Inclusion in Gat	ThemeREX	Gat n/a	Jun 17, 2026	CVE
HIGH 8.8	CVE-2025-69138	WordPress Genemy theme <= 1.6.6 - Privilege Escalation vulnerability_CVE-2025-69138 Subscriber Privilege Escalation in Genemy	Jthemes	Genemy n/a	Jun 17, 2026	CVE
HIGH 8.5	CVE-2025-69135	WordPress Events Schedule – WordPress Events Calendar Plugin plugin <= 2.7.2 - SQL Injection vulnerability_CVE-2025-69135 Subscriber SQL Injection in Events Schedule - WordPress Events Calendar Plugin	CurlyThemes	Events Schedule - WordPress Events Calendar Plugin n/a	Jun 17, 2026	CVE
CRITICAL 10	CVE-2025-69129	WordPress WordPress & WooCommerce Scraper Plugin, Import Data from Any Site plugin <= 1.0.7 - Arbitrary File Upload vulnerability_CVE-2025-69129 Unauthenticated Arbitrary File Upload in WordPress & WooCommerce Scraper Plugin, Import Data from Any Site	Extendons	WordPress & WooCommerce Scraper Plugin, Import Data from Any Site n/a	Jun 17, 2026	CVE