HIGH - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
HIGH 7.1	CVE-2025-49064	WordPress User Language Switch plugin <= 1.6.10 - Reflected Cross Site Scripting (XSS) vulnerability_CVE-2025-49064 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Webilop User Language Switch allows Reflected...	Webilop	User Language Switch n/a	Aug 14, 2025	CVE
HIGH 7.1	CVE-2025-49063	WordPress BaiduXZH Submit(百度熊掌号) plugin <= 1.4.6 - Reflected Cross Site Scripting (XSS) vulnerability_CVE-2025-49063 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in i3geek BaiduXZH Submit(百度熊掌号) allows Ref...	i3geek	BaiduXZH Submit(百度熊掌号) n/a	Aug 14, 2025	CVE
HIGH 7.1	CVE-2025-49062	WordPress WP-jScrollPane plugin <= 2.0.3 - Reflected Cross Site Scripting (XSS) vulnerability_CVE-2025-49062 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in cornfeed WP-jScrollPane allows Reflected XSS....	cornfeed	WP-jScrollPane n/a	Aug 14, 2025	CVE
HIGH 7.1	CVE-2025-49058	WordPress SoundSt SEO Search plugin <= 1.2.3 - Reflected Cross Site Scripting (XSS) vulnerability_CVE-2025-49058 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Sound Strategies SoundSt SEO Search allows Re...	Sound Strategies	SoundSt SEO Search n/a	Aug 14, 2025	CVE
HIGH 7.1	CVE-2025-49057	WordPress WP Voting Plugin <= 1.8 - Cross Site Scripting (XSS) Vulnerability_CVE-2025-49057 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Ko Min WP Voting allows Reflected XSS. This i...	Ko Min	WP Voting n/a	Aug 14, 2025	CVE
HIGH 7.1	CVE-2025-49056	WordPress 多说社会化评论框 Plugin <= 1.2 - Cross Site Scripting (XSS) Vulnerability_CVE-2025-49056 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in shen2 多说社会化评论框 allows Reflected XSS. ...	shen2	多说社会化评论框 n/a	Aug 14, 2025	CVE
HIGH 7.1	CVE-2025-49054	WordPress Time Sheets plugin <= 2.1.3 - Reflected Cross Site Scripting (XSS) vulnerability_CVE-2025-49054 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in mrdenny Time Sheets allows Reflected XSS. Thi...	mrdenny	Time Sheets n/a	Aug 14, 2025	CVE
HIGH 7.1	CVE-2025-49044	WordPress Simple Poll plugin <= 1.1.1 - Cross Site Request Forgery (CSRF) to Stored XSS vulnerability_CVE-2025-49044 Cross-Site Request Forgery (CSRF) vulnerability in tosend.it Simple Poll allows Stored XSS. This issue affects Simple Poll: from n/a through 1.1.1.	tosend.it	Simple Poll n/a	Aug 14, 2025	CVE
HIGH 7.1	CVE-2025-49038	WordPress WP Dynamic Links plugin <= 1.0.1 - Reflected Cross Site Scripting (XSS) vulnerability_CVE-2025-49038 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Soflyy WP Dynamic Links allows Reflected XSS....	Soflyy	WP Dynamic Links n/a	Aug 14, 2025	CVE
HIGH 7.1	CVE-2025-49037	WordPress Authentication and xmlrpc log writer plugin <= 1.2.2 - Reflected Cross Site Scripting (XSS) vulnerability_CVE-2025-49037 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Federico Rota Authentication and xmlrpc log w...	Federico Rota	Authentication and xmlrpc log writer n/a	Aug 14, 2025	CVE