by Ivan Sorkin | Mar 5, 2026 | Themes
Attack Vectors Architecturer (WordPress theme) versions up to and including 3.8.8 are affected by a Medium-severity issue (CVSS 6.1) tracked as CVE-2026-27358. This is a reflected cross-site scripting (XSS) vulnerability, which typically relies on persuading a person...
by Ivan Sorkin | Mar 5, 2026 | Themes
Attack Vectors Starto (WordPress theme) versions up to and including 2.1.9 have a Medium-severity Reflected Cross-Site Scripting (XSS) vulnerability (CVE-2026-27352, CVSS 6.1). This type of issue is commonly triggered when a user interacts with a crafted URL or...
by Ivan Sorkin | Mar 5, 2026 | Themes
Attack Vectors Guff – Blog & Magazine Ghost Theme (slug: guff) versions up to and including 1.0.1 have a Medium severity issue (CVSS 5.3, CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N) tied to missing authorization. In practical terms, this means an attacker...
by Ivan Sorkin | Mar 5, 2026 | Themes
Attack Vectors The Pizza House – Restaurant / Cafe / Bistro WordPress theme (slug: pizzahouse) in versions up to and including 1.4.0 has a High-severity vulnerability (CVSS 8.1) that can be triggered remotely without authentication. In practical business terms,...
by Ivan Sorkin | Mar 5, 2026 | Themes
Attack Vectors Metro (WordPress theme) versions up to and including 2.13 are affected by a Medium-severity reflected cross-site scripting (XSS) vulnerability (CVE-2026-27382, CVSS 6.1). Reflected XSS typically relies on an attacker getting a real user to click a...
by Ivan Sorkin | Mar 5, 2026 | Themes
Attack Vectors Gecko 6.0 – Responsive Shopify Theme – RTL support (slug: gecko) is affected by a Medium-severity Reflected Cross-Site Scripting (XSS) vulnerability in versions up to and including 1.9.8 (CVE: CVE-2026-27375, CVSS 6.1). The most common...
Recent Comments