CVE - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
HIGH 7.8	ECD48805-B674-	Exploit for Use After Free in Linux Linux_Kernel_ECD48805-B674-5D15-9640-7AE6AB574266 CVE-2026-43499 — Linux Kernel Futex PI Use-After-Free Bug removewaiter in kernel/locking/rtmutex.c is used by the slowlock paths but also for proxy...	N/A	N/A	Jun 27, 2026	GITHUBEXPLOIT
CRITICAL 10	449EB399-8D3C-	Exploit for Improper Access Control in Widgetfactorylimited Jce_449EB399-8D3C-5528-B03B-B58DC4645B9D MASTA CVE-2026-48907 Scanner Joomla! JCE 2.9.99.5 Unauthenticated Remote Code Execution RCE Scanner --- 🚨 LEGAL DISCLAIMER & ETHICAL USE This tool...	N/A	N/A	Jun 27, 2026	GITHUBEXPLOIT
CRITICAL 9.8	CVE-2026-12415	Invoice Generator <= 1.0.0 - Unauthenticated Privilege Escalation via Account Takeover via 'user_id' Parameter_CVE-2026-12415 The Invoice Generator plugin for WordPress is vulnerable to privilege escalation due to a missing capability check on the pravel_invoice_edit_accou...	pravel	Invoice Generator	Jun 27, 2026	CVE
HIGH 8.7	7D0D67E6-AAE8-	Exploit for CVE-2026-46331_7D0D67E6-AAE8-52CC-B577-3C66E3ECB231 cve-id ⚡ Simple Usage Use this project only in safe and authorized environments such as: - Local virtual machines - Docker containers - Isolated l...	N/A	N/A	Jun 27, 2026	GITHUBEXPLOIT
NONE	ED09B2EE-07B3-	joomla-exploits-main_ED09B2EE-07B3-547B-93CC-D9DAC465C0D2 joomla-exploits 😸 Title: Joomla! 4.2.8 - Unauthenticated information disclosure Exploit author: HACKFUT Date: 2024-01-24 Vendor Homepage: https://...	N/A	N/A	Jun 27, 2026	GITHUBEXPLOIT
NONE	20339A1B-9C90-	testimonial-widgets-sqli-cve_20339A1B-9C90-5D17-8F25-2CA188B77EB8 CVE-2026-XXXXX Admin SQL Injection in Testimonial Widgets WordPress Plugin via Search Parameter --- Advisory Information \| Field \| Value \| \|-------...	N/A	N/A	Jun 27, 2026	GITHUBEXPLOIT
NONE	90D1D177-0CB7-	sakura-theme-sqli-cve_90D1D177-0CB7-518B-832F-B8A088EB0B9F CVE-2026-XXXXX Unauthenticated SQL Injection in Sakura WordPress Theme via Comment Markdown Parser --- Advisory Information \| Field \| Value \| \|----...	N/A	N/A	Jun 27, 2026	GITHUBEXPLOIT
NONE	5E55BB2B-EBD9-	boxmoe-dove-sqli-cve_5E55BB2B-EBD9-5DB8-8B52-3F16A438DA24 CVE-2026-XXXXX Unauthenticated SQL Injection in Boxmoe Dove WordPress Theme via AJAX Comment Handler --- Advisory Information \| Field \| Value \| \|--...	N/A	N/A	Jun 27, 2026	GITHUBEXPLOIT
MEDIUM 4.3	CVE-2026-13422	HD Quiz 2.2.0 – 2.2.1 – Cross-Site Request Forgery via Multiple AJAX Handlers_CVE-2026-13422 The HD Quiz plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions 2.2.0 to 2.2.1. This is due to missing or incorrect nonce ...	harmonic_design	HD Quiz 2.2.0	Jun 27, 2026	CVE
MEDIUM 6.4	CVE-2026-13335	CodePeople Post Map for Google Maps <= 1.2.6 - Authenticated (Contributor +) Stored Cross-Site Scripting via 'cpm_point' Post Meta_CVE-2026-13335 The CodePeople Post Map for Google Maps plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'cpm_point' Post Meta in all versions...	codepeople	CodePeople Post Map for Google Maps	Jun 27, 2026	CVE