CVE - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
HIGH 8.8	CVE-2026-56053	WordPress EventPrime plugin <= 4.3.4.1 - PHP Object Injection vulnerability_CVE-2026-56053 Subscriber PHP Object Injection in EventPrime	EventPrime	EventPrime n/a	Jun 25, 2026	CVE
HIGH 7.1	CVE-2026-56051	WordPress TablePress plugin <= 3.3.1 - Reflected Cross Site Scripting (XSS) vulnerability_CVE-2026-56051 Unauthenticated Cross Site Scripting (XSS) in TablePress	TablePress	TablePress n/a	Jun 25, 2026	CVE
MEDIUM 6.5	CVE-2026-56050	WordPress PPOM for WooCommerce plugin <= 33.0.18 - Broken Access Control vulnerability_CVE-2026-56050 Improper Access Control vulnerability in Themeisle PPOM for WooCommerce allows Exploiting Incorrectly Configured Access Control Security Levels. T...	Themeisle	PPOM for WooCommerce n/a	Jun 25, 2026	CVE
HIGH 8.5	CVE-2026-56049	WordPress Post Snippets plugin <= 4.0.19 - Remote Code Execution (RCE) vulnerability_CVE-2026-56049 Contributor Remote Code Execution (RCE) in Post Snippets	Post Snippets	Post Snippets n/a	Jun 25, 2026	CVE
HIGH 7.1	CVE-2026-56042	WordPress Advanced Order Export For WooCommerce plugin <= 4.0.9 - Cross Site Scripting (XSS) vulnerability_CVE-2026-56042 Customer Cross Site Scripting (XSS) in Advanced Order Export For WooCommerce	Algolplus	Advanced Order Export For WooCommerce n/a	Jun 25, 2026	CVE
MEDIUM 5.4	CVE-2026-56023	WordPress UPI QR Code Payment Gateway for WooCommerce plugin <= 1.6.2 - Broken Access Control vulnerability_CVE-2026-56023 Customer Broken Access Control in UPI QR Code Payment Gateway for WooCommerce	Knit Pay	UPI QR Code Payment Gateway for WooCommerce n/a	Jun 25, 2026	CVE
HIGH 7.1	CVE-2026-56014	WordPress Master Slider plugin <= 3.11.2 - Cross Site Scripting (XSS) vulnerability_CVE-2026-56014 Unauthenticated Cross Site Scripting (XSS) in Master Slider	Averta	Master Slider n/a	Jun 25, 2026	CVE
MEDIUM 6.5	CVE-2026-56013	WordPress License Manager for WooCommerce plugin <= 3.0.15 - Insecure Direct Object References (IDOR) vulnerability_CVE-2026-56013 Unauthenticated Insecure Direct Object References (IDOR) in License Manager for WooCommerce	myCred	License Manager for WooCommerce n/a	Jun 25, 2026	CVE
HIGH 7.1	CVE-2026-56006	WordPress H5P plugin <= 1.17.6 - Reflected Cross Site Scripting (XSS) vulnerability_CVE-2026-56006 Unauthenticated Cross Site Scripting (XSS) in H5P	H5P	H5P n/a	Jun 25, 2026	CVE
HIGH 7.1	CVE-2026-56005	WordPress WP Activity Log plugin <= 5.6.3.1 - Cross Site Scripting (XSS) vulnerability_CVE-2026-56005 Subscriber Cross Site Scripting (XSS) in WP Activity Log	Melapress	WP Activity Log n/a	Jun 25, 2026	CVE