Themes | WPFore

Oxpitan – Nonprofit Charity WordPress Theme Vulnerability (Critical…

by Ivan Sorkin | Feb 12, 2026 | Themes

Attack Vectors Oxpitan (the “Oxpitan – Nonprofit Charity WordPress Theme,” slug: oxpitan) versions up to and including 1.3.1 are affected by a Critical Local File Inclusion (LFI) vulnerability (CVE-2025-32294, CVSS 9.8). Because this issue is unauthenticated, an...

Fioxen – Directory Listing WordPress Theme Vulnerability (Medium) -…

by Ivan Sorkin | Feb 11, 2026 | Themes

Attack Vectors CVE-2024-43334 affects multiple WordPress themes by gavias, including the Fioxen – Directory Listing WordPress Theme (slug: fioxen). This is a Medium severity issue (CVSS 6.1) involving reflected cross-site scripting (XSS), which typically relies...

Welowe – Nonprofit Charity WordPress Theme Vulnerability (Medium) -…

by Ivan Sorkin | Feb 11, 2026 | Themes

Attack Vectors The Welowe – Nonprofit Charity WordPress Theme (slug: welowe) is affected by a Medium-severity vulnerability (CVE-2024-43334, CVSS 6.1) involving Reflected Cross-Site Scripting (XSS). In practical terms, an attacker may try to deliver a specially...

Welowe – Nonprofit Charity WordPress Theme Vulnerability (Medium) -…

by Ivan Sorkin | Feb 11, 2026 | Themes

Attack Vectors CVE-2024-43334 is a Medium-severity Reflected Cross-Site Scripting (XSS) vulnerability (CVSS 6.1) affecting the Welowe – Nonprofit Charity WordPress Theme (slug: welowe) and other “gavias” WordPress themes across various versions. The most common attack...

Constix – Construction Factory & Industrial WordPress Theme Vulnera…

by Ivan Sorkin | Feb 11, 2026 | Themes

Attack Vectors Constix – Construction Factory & Industrial WordPress Theme (slug: constix) is affected by CVE-2024-43334, a Medium-severity reflected cross-site scripting (XSS) issue (CVSS 6.1, vector CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N). This type...

Constix – Construction Factory & Industrial WordPress Theme Vulnera…

by Ivan Sorkin | Feb 11, 2026 | Themes

Attack Vectors CVE-2024-43334 is a Medium severity (CVSS 6.1) Reflected Cross-Site Scripting (XSS) issue affecting the Constix – Construction Factory & Industrial WordPress Theme (slug: constix) and other “themes by gavias” across various versions. Because...

« Older Entries

Next Entries »

Oxpitan – Nonprofit Charity WordPress Theme Vulnerability (Critical…

Fioxen – Directory Listing WordPress Theme Vulnerability (Medium) -…

Welowe – Nonprofit Charity WordPress Theme Vulnerability (Medium) -…

Welowe – Nonprofit Charity WordPress Theme Vulnerability (Medium) -…

Constix – Construction Factory & Industrial WordPress Theme Vulnera…

Constix – Construction Factory & Industrial WordPress Theme Vulnera…

Recent Posts

Recent Comments

Archives

Categories

Meta

Location

Follow Us

Subscription

Success!