news - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
Unknown	ADV-1001	CVE-2025-46254 WordPress Visual Composer Website Builder plugin <= 45.10.0 - Cross Site Scripting (XSS) vulnerability Vulnerability Details Basic Information Title CVE-2025-46254 WordPress Visual Composer Website Builder plugin	N/A	N/A	Apr 23, 2025	NEWS
Unknown	ADV-1000	CVE-2025-46254 WordPress Visual Composer Website Builder plugin <= 45.10.0 - Cross Site Scripting (XSS) vulnerability Vulnerability Details Basic Information Title CVE-2025-46254 WordPress Visual Composer Website Builder plugin	N/A	N/A	Apr 23, 2025	NEWS
Unknown	ADV-0999	CVE-2025-3457 Ocean Extra <= 2.4.6 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode Vulnerability Details Basic Information Title CVE-2025-3457 Ocean Extra	N/A	N/A	Apr 23, 2025	NEWS
Unknown	ADV-0998	CVE-2025-3457 Ocean Extra <= 2.4.6 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode Vulnerability Details Basic Information Title CVE-2025-3457 Ocean Extra	N/A	N/A	Apr 23, 2025	NEWS
Unknown	ADV-0997	CVE-2025-3472 Ocean Extra <= 2.4.6 - Unauthenticated Arbitrary Shortcode Execution Vulnerability Details Basic Information Title CVE-2025-3472 Ocean Extra	N/A	N/A	Apr 23, 2025	NEWS
Unknown	ADV-0996	CVE-2025-3458 Ocean Extra <= 2.4.6 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'ocean_gallery_id' Vulnerability Details Basic Information Title CVE-2025-3458 Ocean Extra	N/A	N/A	Apr 23, 2025	NEWS
Unknown	ADV-0995	CVE-2025-3458 Ocean Extra <= 2.4.6 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'ocean_gallery_id' Vulnerability Details Basic Information Title CVE-2025-3458 Ocean Extra	N/A	N/A	Apr 23, 2025	NEWS
Unknown	ADV-0994	CVE-2025-3472 Ocean Extra <= 2.4.6 - Unauthenticated Arbitrary Shortcode Execution Vulnerability Details Basic Information Title CVE-2025-3472 Ocean Extra	N/A	N/A	Apr 23, 2025	NEWS
Unknown	ADV-0993	Ghost-Route – Ghost Route Detects If A Next JS Site Is Vulnerable To The Corrupt Middleware Bypass Bug (CVE-2025-29927) Vulnerability Details Basic Information Title Ghost-Route – Ghost Route Detects If A Next JS Site Is Vulnerable To The Corrupt Middleware Byp...	N/A	N/A	Apr 23, 2025	NEWS
Unknown	ADV-0992	GCP Cloud Composer Bug Let Attackers Elevate Access via Malicious PyPI Packages Security Update News Update Information Title GCP Cloud Composer Bug Let Attackers Elevate Access via Malicious PyPI Packages Update ID THN:CAA73BB...	N/A	N/A	Apr 23, 2025	NEWS