by Ivan Sorkin | Feb 26, 2026 | Themes
Attack Vectors ListingPro – WordPress Directory & Listing Theme (slug: listingpro) has a High-severity vulnerability (CVE-2024-39624, CVSS 8.8, vector CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H) affecting all versions up to and including 2.9.4. Because...
by Ivan Sorkin | Feb 25, 2026 | Themes
Attack Vectors The Restricted Site Access WordPress plugin (restricted-site-access) has a Medium severity issue (CVSS 5.3) that can be exploited over the network without login credentials. In affected versions (up to and including 6.3.0), an attacker may be able to...
by Ivan Sorkin | Feb 25, 2026 | Themes
Attack Vectors The Love Travel WordPress theme (slug: lovetravel) is affected by a Medium-severity reflected cross-site scripting (XSS) and cross-frame scripting issue in versions 2.0 through 3.7 (CVSS 6.1; vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N). An...
by Ivan Sorkin | Feb 25, 2026 | Themes
Attack Vectors CVE-2025-68541 is a High-severity issue (CVSS 8.1) affecting the Ippsum – Business Consulting WordPress Theme (slug: ippsum) in versions up to and including 1.2.0. The reported exposure is unauthenticated, meaning an external attacker may be able to...
by Ivan Sorkin | Feb 25, 2026 | Themes
Attack Vectors CVE-2026-25367 is a Medium severity (CVSS 5.3) missing authorization issue affecting the Support for CitiLights – Real Estate WordPress Theme (slug: noo-citilights) in versions reported as up to 3.7.2. The CVSS vector...
by Ivan Sorkin | Feb 25, 2026 | Themes
Attack Vectors CVE-2025-68549 is a High-severity vulnerability (CVSS 8.8, CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H) affecting the Wiguard – CCTV & Security WordPress Theme for Surveillance Companies (slug: wiguard) in versions below 2.0.1. The primary attack...
Recent Comments