by Ivan Sorkin | Mar 12, 2026 | Themes
Attack Vectors TheBi theme for WordPress (versions up to and including 1.0.5) has a Medium-severity vulnerability (CVSS 6.1) identified as CVE-2026-22438 involving reflected cross-site scripting (XSS). This type of issue can be exploited remotely over the internet and...
by Ivan Sorkin | Mar 12, 2026 | Themes
The thecs WordPress theme (versions ≤ 1.4.7) has a Medium-severity Reflected Cross-Site Scripting (XSS) vulnerability tracked as CVE-2026-22440 (CVSS 6.1, vector CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N). This issue can allow an unauthenticated attacker to...
by Ivan Sorkin | Mar 12, 2026 | Themes
Attack Vectors CVE-2025-54001 is a High-severity vulnerability (CVSS 8.1) affecting the Classter | Multi-Purpose HTML Theme for WordPress (slug: classter) in versions up to and including 2.5. It is exploitable over the network without authentication (CVSS vector:...
by Ivan Sorkin | Mar 12, 2026 | Themes
Attack Vectors CVE-2026-22451 impacts the Handyman theme for WordPress (handyman-services) up to and including version 1.4. Because it is an unauthenticated issue, an external attacker does not need a WordPress login to attempt exploitation, which increases practical...
by Ivan Sorkin | Mar 12, 2026 | Themes
Attack Vectors CVE-2026-22453 affects the Pets Club – Pet Care WordPress Theme + Shop (slug: petclub) in versions up to and including 2.3. The issue is rated High severity with a CVSS 8.1 score (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H), meaning it can be...
Recent Comments