Recent Advisories

| Severity | ID | Title | Vendor | Product | Date | Type |
| --- | --- | --- | --- | --- | --- | --- |
| CRITICAL 9.3 | CVE-2026-40771 | WordPress Contest Gallery plugin <= 28.1.6 - SQL Injection vulnerability (Unauthenticated SQL Injection in Contest Gallery) | Wasiliy Strecker | Contest Gallery | n/a | CVE |
| CRITICAL 9.9 | CVE-2026-39591 | WordPress WP-BusinessDirectory plugin <= 4.0.0 - Arbitrary File Upload vulnerability (Subscriber Arbitrary File Upload in WP-BusinessDirectory) | CMSJunkie – WordPress Business Directory Plugins | WP-BusinessDirectory | n/a | CVE |
| CRITICAL 9.8 | CVE-2026-39583 | WordPress Datalogics Ecommerce Delivery plugin <= 2.6.62 - Privilege Escalation vulnerability (Unauthenticated Privilege Escalation in Datalogics Ecommerce Delivery) | Datalogics | Datalogics Ecommerce Delivery | n/a | CVE |
| CRITICAL 9.3 | CVE-2026-39530 | WordPress SpeakOut! Email Petitions plugin <= 4.6.5 - SQL Injection vulnerability (Unauthenticated SQL Injection in SpeakOut! Email Petitions) | SpeakOut! | SpeakOut! Email Petitions | n/a | CVE |
| CRITICAL 9.3 | CVE-2026-39519 | WordPress GeekyBot plugin <= 1.2.0 - SQL Injection vulnerability (Unauthenticated SQL Injection in GeekyBot) | Ahmad | GeekyBot | n/a | CVE |
| CRITICAL 9.3 | CVE-2026-39512 | WordPress GeoDirectory plugin <= 2.8.152 - SQL Injection vulnerability (Unauthenticated SQL Injection in GeoDirectory) | Paolo | GeoDirectory | n/a | CVE |
| CRITICAL 9.3 | CVE-2026-39511 | WordPress WP Photo Album Plus plugin <= 9.1.08.001 - SQL Injection vulnerability (Unauthenticated SQL Injection in WP Photo Album Plus) | Jacob N. Breetvelt | WP Photo Album Plus | n/a | CVE |
| CRITICAL 9.3 | CVE-2026-39502 | WordPress Form Maker by 10Web plugin <= 1.15.38 - SQL Injection vulnerability (Unauthenticated SQL Injection in Form Maker by 10Web) | 10Web | Form Maker by 10Web | 1.15.38 | CVE |
| CRITICAL 9.3 | CVE-2026-39493 | WordPress Simply Schedule Appointments plugin <= 1.6.9.27 - SQL Injection vulnerability (Unauthenticated SQL Injection in Simply Schedule Appointments) | NSquared | Simply Schedule Appointments | n/a | CVE |
| CRITICAL 9.3 | CVE-2026-39492 | WordPress WP Maps plugin <= 4.9.1 - SQL Injection vulnerability (Unauthenticated SQL Injection in WP Maps) | Flipper Code – WordPress Development Company | WP Maps | n/a | CVE |