by Ivan Sorkin | Apr 15, 2026 | Themes
Attack Vectors Architecturer (WordPress theme, slug: architecturer) versions earlier than 3.9.5 are affected by a Medium-severity reflected cross-site scripting (XSS) issue (CVE-2026-27358, CVSS 6.1; vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N). This...
by Ivan Sorkin | Apr 15, 2026 | Themes
Attack Vectors The Musico WordPress theme (slug: musico) is affected by a Medium severity reflected cross-site scripting (XSS) vulnerability (CVE-2026-27367, CVSS 6.1). In practical terms, an attacker can attempt to inject malicious script into a page response by...
by Ivan Sorkin | Apr 15, 2026 | Plugins
Attack Vectors Profile Builder Pro versions before 3.14.0 are affected by a High-severity vulnerability (CVE-2026-27413, CVSS 7.5) that can be exploited without authentication. In practical terms, this means an external attacker can target a vulnerable website over...
by Ivan Sorkin | Apr 15, 2026 | Plugins
Attack Vectors CVE-2025-52753 is a medium-severity (CVSS 6.1) reflected cross-site scripting (XSS) issue affecting the WordPress plugin Contact Form by Supsystic (slug: contact-form-by-supsystic) in versions up to and including 1.7.36. The attack is typically...
by Ivan Sorkin | Apr 15, 2026 | Themes
Attack Vectors CVE-2025-69370 is a High-severity vulnerability (CVSS 8.1, vector CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H) affecting the Capella | Restaurant WordPress theme (capella) in versions <= 2.5.5. The issue is unauthenticated, meaning an attacker does...
Recent Comments