Vulnerability - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
HIGH 7.5	CVE-2025-68064	WordPress Goya Core plugin < 1.0.9.4 - Local File Inclusion vulnerability_CVE-2025-68064 Contributor Local File Inclusion in Goya Core < 1.0.9.4 versions.	Everthemess	Goya Core n/a	Jun 26, 2026	CVE
HIGH 7.5	CVE-2025-68063	WordPress Splash – Sport Club WordPress theme for Basketball, Football, Hockey theme <= 4.4.3 - Local File Inclusion vulnerability_CVE-2025-68063 Contributor Local File Inclusion in Splash - Sport Club WordPress Theme for Basketball, Football, Hockey	StylemixThemes	Splash - Sport Club WordPress Theme for Basketball, Football, Hockey n/a	Jun 26, 2026	CVE
HIGH 8.8	CVE-2025-68052	WordPress Eagle Booking plugin <= 1.3.4.3 - Cross Site Request Forgery (CSRF) vulnerability_CVE-2025-68052 Unauthenticated Cross Site Request Forgery (CSRF) in Eagle Booking	Eagle-Themes	Eagle Booking n/a	Jun 26, 2026	CVE
MEDIUM 5.3	CVE-2025-66123	WordPress BookPro plugin <= 1.1.0 - Insecure Direct Object References (IDOR) vulnerability_CVE-2025-66123 Unauthenticated Insecure Direct Object References (IDOR) in BookPro	About Envato	BookPro n/a	Jun 26, 2026	CVE
MEDIUM 5.3	CVE-2025-64637	WordPress Auros Core plugin <= 5.3.1 - Content Injection vulnerability_CVE-2025-64637 Unauthenticated Content Injection in Auros Core	Opal_WP	Auros Core n/a	Jun 26, 2026	CVE
MEDIUM 5.3	CVE-2025-64636	WordPress Donation Thermometer plugin <= 2.2.7 - Broken Access Control vulnerability_CVE-2025-64636 Unauthenticated Broken Access Control in Donation Thermometer	rhewlif	Donation Thermometer n/a	Jun 26, 2026	CVE
MEDIUM 4.3	CVE-2025-63079	WordPress Live Copy Paste for Elementor plugin <= 1.5.3 - Broken Access Control vulnerability_CVE-2025-63079 Contributor Broken Access Control in Live Copy Paste for Elementor	bdthemes	Live Copy Paste for Elementor n/a	Jun 26, 2026	CVE
MEDIUM 4.3	CVE-2025-63078	WordPress Restaurant Menu by MotoPress plugin <= 2.4.11 - Broken Access Control vulnerability_CVE-2025-63078 Subscriber Broken Access Control in Restaurant Menu by MotoPress	jetmonsters	Restaurant Menu by MotoPress n/a	Jun 26, 2026	CVE
MEDIUM 5.4	CVE-2025-63041	WordPress Forget About Shortcode Buttons plugin <= 2.1.3 - Broken Access Control vulnerability_CVE-2025-63041 Contributor Broken Access Control in Forget About Shortcode Buttons	Code Amp	Forget About Shortcode Buttons n/a	Jun 26, 2026	CVE
HIGH 7.2	CVE-2026-9640	LXD Snapshot Import Privilege Escalation Vulnerability_CVE-2026-9640 A privilege escalation vulnerability exists in LXD from 6.0 before 6.9, 5.21.0 before 5.21.5, and 5.0.0 before 5.0.7 regarding the handling of proj...	Canonical	LXD 5.21.0	Jun 26, 2026	CVE