Vulnerability - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
HIGH 7.5	CVE-2025-68045	WordPress WP Event SOlution plugin <= 4.1.12 - Broken Access Control vulnerability_CVE-2025-68045 Unauthenticated Broken Access Control in WP Event SOlution	Arraytics	WP Event SOlution n/a	Jun 16, 2026	CVE
HIGH 8.5	B1BB8CF9-0BFD-	Exploit for UNIX Symbolic Link Following in Litespeedtech Litespeed_Cpanel_Plugin_B1BB8CF9-0BFD-571E-8152-2D53A8245793 CVE-2026-54420 Mitigation Toolkit Defensive remediation, auditing, and verification toolkit for CVE-2026-54420 affecting LiteSpeed cPanel Plugin in...	N/A	N/A	Jun 16, 2026	GITHUBEXPLOIT
HIGH 8.8	CVE-2026-8444	WP Review Slider Pro <= 12.6.8 - Authenticated (Subscriber+) SQL Injection via 'curselrevs' Parameter_CVE-2026-8444 The WP Review Slider Pro plugin for WordPress is vulnerable to SQL Injection via the 'curselrevs[]' parameter of the wpfb_find_reviews AJAX action ...	https://wpreviewslider.com/	WP Review Slider Pro	Jun 16, 2026	CVE
MEDIUM 6.4	CVE-2026-10093	File Sharing & Download Manager <= 2.1.6 - Authenticated (Subscriber+) Stored Cross-Site Scripting via 'fldr_ttl' Parameter_CVE-2026-10093 The File Sharing & Download Manager – User Private Files plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'fldr_ttl' param...	deepakkite	Secure Client Portal and Private File Sharing Plugin – User Private Files	Jun 16, 2026	CVE
HIGH 8.7	30AECF2C-E55B-	Exploit for CVE-2026-20262_30AECF2C-E55B-530A-B3C5-DC776BD957D4 cve-id ⚡ Simple Usage Use this project only in safe and authorized environments such as: - Local virtual machines - Docker containers - Isolated l...	N/A	N/A	Jun 16, 2026	GITHUBEXPLOIT
NONE	29D0989A-B7ED-	Exploit for CVE-2026-54686_29D0989A-B7ED-56AD-B27C-E3D705F08F97 CVE-2026-54686: Warp Remote SSH Command Injection PoC Description This repository contains a Proof of Concept PoC for CVE-2026-54686, a command inj...	N/A	N/A	Jun 16, 2026	GITHUBEXPLOIT
HIGH 8.7	EB7819E4-5D08-	Exploit for UNIX Symbolic Link Following in Litespeedtech Litespeed_Cpanel_Plugin_EB7819E4-5D08-5B2B-B382-7EDE03F6667E cve-id ⚡ Simple Usage Use this project only in safe and authorized environments such as: - Local virtual machines - Docker containers - Isolated l...	N/A	N/A	Jun 16, 2026	GITHUBEXPLOIT
HIGH 8.5	THN:5B94477ED5E...	CISA Flags LiteSpeed cPanel Plugin Flaw Exploited for Root Privilege Escalation_THN:5B94477ED5EC6723600F72BC204673F2 ![](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhweJrEaMuAEZCtL6h2H2XMxWOMGzKSktYq9kDvwXAGvIAt39-gz3irXruUA0KVSSupFdIh13o2F5quHfout0...	N/A	N/A	Jun 16, 2026	THN
MEDIUM 6.5	THN:4C575B5BB9B...	Cisco Releases Security Updates for Actively Exploited SD-WAN Manager Flaw_THN:4C575B5BB9BB1889D35E1074597EB347 ![](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj-vJIadGle0Cre1cNAxZIcD9ktkl1mPnUwtEtF1xuMbeH75BnvGq3twL0W2OowYW7ZZMxvzMjdbU-VMEZfEv...	N/A	N/A	Jun 16, 2026	THN
MEDIUM 5.3	CVE-2026-6964	Video Conferencing with Zoom <= 4.6.7 - Missing Authorization to Unauthenticated Zoom SDK Credential Exposure via 'get_auth' AJAX Action_CVE-2026-6964 The Video Conferencing with Zoom plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 4.6.7. This is du...	j_3rk	Video Conferencing with Zoom	Jun 16, 2026	CVE