Recent Advisories

Severity ID Title Vendor Product Date Type
HIGH 7.1 CVE-2025-52765

WordPress NetInsight Analytics Implementation Plugin <= 1.0.3 - Cross Site Request Forgery (CSRF) Vulnerability_CVE-2025-52765

Cross-Site Request Forgery (CSRF) vulnerability in lisensee NetInsight Analytics Implementation Plugin allows Stored XSS. This issue affects NetIns...

lisensee NetInsight Analytics Implementation Plugin n/a CVE
HIGH 8.2 CVE-2025-52797

WordPress StoryMap Plugin <= 2.1 - Cross Site Request Forgery (CSRF) Vulnerability_CVE-2025-52797

Cross-Site Request Forgery (CSRF) vulnerability in josepsitjar StoryMap allows SQL Injection. This issue affects StoryMap: from n/a through 2.1.

josepsitjar StoryMap n/a CVE
HIGH 7.1 CVE-2025-53575

WordPress Primer MyData for Woocommerce Plugin <= 4.2.5 - Cross Site Request Forgery (CSRF) Vulnerability_CVE-2025-53575

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in primersoftware Primer MyData for Woocommerce ...

primersoftware Primer MyData for Woocommerce n/a CVE
HIGH 8.8 CVE-2025-53587

WordPress Findgo Theme <= 1.3.57 - Cross Site Request Forgery (CSRF) Vulnerability_CVE-2025-53587

Cross-Site Request Forgery (CSRF) vulnerability in ApusTheme Findgo allows Cross Site Request Forgery. This issue affects Findgo: from n/a through ...

ApusTheme Findgo n/a CVE
HIGH 8.5 CVE-2025-55708

WordPress Quiz And Survey Master Plugin <= 10.2.4 - SQL Injection Vulnerability_CVE-2025-55708

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in ExpressTech Systems Quiz And Survey Master al...

ExpressTech Systems Quiz And Survey Master n/a CVE
HIGH 7.5 CVE-2025-8978

D-Link DIR-619L boa FirmwareUpgrade data authenticity_CVE-2025-8978

A vulnerability was determined in D-Link DIR-619L 6.02CN02. Affected is the function FirmwareUpgrade of the component boa. The manipulation leads t...

D-Link DIR-619L 6.02CN02 CVE
HIGH 7.5 CVE-2025-24766

WordPress News Magazine X <= 1.2.35 - Local File Inclusion Vulnerability_CVE-2025-24766

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in WP Royal Themes News Magaz...

WP Royal Themes News Magazine X n/a CVE
HIGH 8.2 THN:462ADF30230...

New HTTP/2 ‘MadeYouReset’ Vulnerability Enables Large-Scale DoS Attacks_THN:462ADF30230C65F3FE066F1B1EC4C286

N/A N/A THN
HIGH 7.3 CVE-2025-55195

@std/toml Prototype Pollution in Node.js and Browser_CVE-2025-55195

@std/toml is the Deno Standard Library. Prior to version 1.0.9, an attacker can pollute the prototype chain in Node.js runtime and Browser when par...

denoland std < 1.0.9 CVE
HIGH 8.6 CVE-2025-55192

HomeAssistant-Tapo-Control Code Injection Vulnerability in issues.yml Workflow_CVE-2025-55192

HomeAssistant-Tapo-Control offers Control for Tapo cameras as a Home Assistant component. Prior to commit 2a3b80f, there is a code injection vulner...

JurajNyiri HomeAssistant-Tapo-Control < 2a3b80ff128ddf4f410c97dd47a94343792ce43c CVE