by Ivan Sorkin | Apr 14, 2026 | Themes
Attack Vectors CVE-2026-1555 is a Critical vulnerability (CVSS 9.8, vector CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) affecting the WebStack WordPress theme (slug: webstack) in all versions up to, and including, 1.2024. The risk is driven by the fact that an...
by Ivan Sorkin | Mar 20, 2026 | Themes
Attack Vectors Product: Enfold (WordPress theme) Slug: enfold-2 Vulnerability: CVE-2026-3952 (Medium severity; CVSS 6.4, CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N) affects Enfold versions up to and including 7.1.4. This is an authenticated stored cross-site...
by Ivan Sorkin | Mar 19, 2026 | Themes
Attack Vectors Instant VA – Virtual Assistant Elementor Template Kit (slug: instantva) has a High severity vulnerability (CVSS 8.1, CVE-2026-24969) that can be exploited by an attacker who can log in as a Subscriber (or higher). This matters because Subscriber...
by Ivan Sorkin | Mar 19, 2026 | Themes
Attack Vectors CVE-2026-24970 affects the Energox | EV Charging Station WordPress Theme (theme slug: energox) in versions up to and including 1.2. This is a High severity issue (CVSS 8.1, vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H), meaning an attacker can...
by Ivan Sorkin | Mar 19, 2026 | Themes
Attack Vectors The vulnerability CVE-2026-27051 affects the Golo – City Travel Guide WordPress Theme (slug: golo) in versions 1.7.0 and below. It is rated Critical with a CVSS 9.8 score (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H), meaning it can be exploited...
by Ivan Sorkin | Mar 19, 2026 | Themes
Attack Vectors CVE-2026-24971 affects the Search & Go – Directory WordPress Theme (slug: searchgo) in versions 2.8 and below. The primary attack vector is authenticated access: an attacker only needs a valid WordPress account with Subscriber-level privileges...
Recent Comments