CRITICAL - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
CRITICAL 9.9	CVE-2026-40748	WordPress Kids Gift Shop theme <= 0.5.4 - Arbitrary File Upload vulnerability_CVE-2026-40748 Subscriber Arbitrary File Upload in Kids Gift Shop	themagnifico52	Kids Gift Shop n/a	Jun 17, 2026	CVE
CRITICAL 9.9	CVE-2026-40747	WordPress Ecommerce Zone theme <= 0.9.7 - Arbitrary File Upload vulnerability_CVE-2026-40747 Subscriber Arbitrary File Upload in Ecommerce Zone	themagnifico52	Ecommerce Zone 0.9.7	Jun 17, 2026	CVE
CRITICAL 9.9	CVE-2026-40746	WordPress Restaurant Zone theme <= 0.7.8 - Arbitrary File Upload vulnerability_CVE-2026-40746 Subscriber Arbitrary File Upload in Restaurant Zone	themagnifico52	Restaurant Zone n/a	Jun 17, 2026	CVE
CRITICAL 9.8	CVE-2026-40725	WordPress WooCommerce Product Filters plugin < 2.0.6 - PHP Object Injection vulnerability_CVE-2026-40725 Unauthenticated PHP Object Injection in WooCommerce Product Filters < 2.0.6 versions.	Barn2 Media Ltd	WooCommerce Product Filters n/a	Jun 17, 2026	CVE
CRITICAL 9.3	CVE-2026-39596	WordPress Blocksy Companion Pro plugin < 2.1.29 - SQL Injection vulnerability_CVE-2026-39596 Unauthenticated SQL Injection in Blocksy Companion Pro < 2.1.29 versions.	Creative Themes	Blocksy Companion Pro n/a	Jun 17, 2026	CVE
CRITICAL 9.9	CVE-2026-39589	WordPress Webenvo theme <= 0.0.6 - Arbitrary File Upload vulnerability_CVE-2026-39589 Subscriber Arbitrary File Upload in Webenvo	A WP Life	Webenvo n/a	Jun 17, 2026	CVE
CRITICAL 9.9	CVE-2026-27041	WordPress Unlimited Elements for Elementor (Premium) plugin <= 2.0.6 - Arbitrary File Upload vulnerability_CVE-2026-27041 Contributor Arbitrary File Upload in Unlimited Elements for Elementor (Premium)	Studio Keren Aga LTD.	Unlimited Elements for Elementor (Premium) n/a	Jun 17, 2026	CVE
CRITICAL 9.9	CVE-2026-25446	WordPress WishList Member X plugin <= 3.29.0 - Arbitrary File Upload vulnerability_CVE-2026-25446 Subscriber Arbitrary File Upload in WishList Member X	WishList Products, LLC.	WishList Member X n/a	Jun 17, 2026	CVE
CRITICAL 9.1	CVE-2026-24611	WordPress MetForm Pro plugin <= 3.9.1 - Broken Access Control vulnerability_CVE-2026-24611 Unauthenticated Broken Access Control in MetForm Pro	WPMet	MetForm Pro n/a	Jun 17, 2026	CVE
CRITICAL 9.3	CVE-2026-22340	WordPress WPJobster theme <= 6.3.5 - SQL Injection vulnerability_CVE-2026-22340 Unauthenticated SQL Injection in WPJobster	Jobster Marketplace	WPJobster n/a	Jun 17, 2026	CVE