Recent Advisories

Severity ID Title Vendor Product Date Type
NONE 5E55BB2B-EBD9-

boxmoe-dove-sqli-cve_5E55BB2B-EBD9-5DB8-8B52-3F16A438DA24

CVE-2026-XXXXX Unauthenticated SQL Injection in Boxmoe Dove WordPress Theme via AJAX Comment Handler ...

N/A N/A GITHUBEXPLOIT
MEDIUM 4.3 CVE-2026-13422

HD Quiz 2.2.0 – 2.2.1 – Cross-Site Request Forgery via Multiple AJAX Handlers_CVE-2026-13422

The HD Quiz plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions 2.2.0 to 2.2.1. This is due to missing or incorrect nonce ...

harmonic_design HD Quiz 2.2.0 CVE
MEDIUM 6.4 CVE-2026-13335

CodePeople Post Map for Google Maps <= 1.2.6 - Authenticated (Contributor +) Stored Cross-Site Scripting via 'cpm_point' Post Meta_CVE-2026-13335

The CodePeople Post Map for Google Maps plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'cpm_point' Post Meta in all versions...

codepeople CodePeople Post Map for Google Maps CVE
MEDIUM 6.5 CVE-2026-13333

Groundhogg <= 4.5.5 - Authenticated (Sales Rep+) SQL Injection via 'query[select]' Parameter_CVE-2026-13333

The Groundhogg — CRM, Newsletters, and Marketing Automation plugin for WordPress is vulnerable to generic SQL Injection via 'query[select]' Paramet...

trainingbusinesspros Groundhogg — CRM, Newsletters, and Marketing Automation CVE
MEDIUM 6.5 CVE-2026-13331

Groundhogg <= 4.5.5 - Authenticated (Marketer+) SQL Injection via 'search' Parameter_CVE-2026-13331

The Groundhogg — CRM, Newsletters, and Marketing Automation plugin for WordPress is vulnerable to generic SQL Injection via the 'search' parameter ...

trainingbusinesspros Groundhogg — CRM, Newsletters, and Marketing Automation CVE
MEDIUM 4.4 CVE-2026-11356

Ivory Search <= 5.5.15 - Authenticated (Administrator+) Stored Cross-Site Scripting via 'menu_title' and 'menu_magnifier_color' Settings_CVE-2026-11356

The Ivory Search – WordPress Search Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'menu_title' and 'menu_magnifier_c...

vinod-dalvi Ivory Search – WordPress Search Plugin CVE
MEDIUM 5.5 CVE-2025-59868

HCL Traveler for Microsoft Outlook (HTMO) is susceptible to sensitive data exposure_CVE-2025-59868

HCL Traveler for Microsoft Outlook (HTMO) is susceptible to a sensitive data exposure vulnerability which could allow an attacker to exploit applic...

HCLSoftware Traveler for Microsoft Outlook <3.0.15 CVE
HIGH 8.3 MS:CVE-2026-50521

Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability_MS:CVE-2026-50521

Use after free in Microsoft Edge (Chromium-based) allows an authorized attacker to execute code over a network.

N/A N/A MSCVE
HIGH 8.3 MS:CVE-2026-11647

Chromium: CVE-2026-11647 Use after free in Printing_MS:CVE-2026-11647

This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Rel...

N/A N/A MSCVE
HIGH 8.3 MS:CVE-2026-12028

Chromium: CVE-2026-12028 Use after free  GPU_MS:CVE-2026-12028

This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Rel...

N/A N/A MSCVE