by Ivan Sorkin | Feb 2, 2026 | Themes
Attack Vectors WPJobster (Jobster slug: wpjobster) versions up to and including 6.3.5 are vulnerable to a Reflected Cross-Site Scripting (XSS) issue (CVE-2026-22339) with Medium severity (CVSS 6.1). In practical terms, an attacker can craft a malicious link or request...
by Ivan Sorkin | Feb 2, 2026 | Themes
Attack Vectors High severity vulnerability CVE-2026-22340 affects the WPJobster WordPress theme (product name: Jobster, slug: wpjobster) up to and including version 6.3.5. The issue is an unauthenticated SQL Injection, meaning an external attacker can attempt...
by Ivan Sorkin | Feb 2, 2026 | Themes
Attack Vectors The Oxygen theme for WordPress (slug: oxygen) is affected by an unauthenticated Server-Side Request Forgery (SSRF) vulnerability in versions up to and including 6.0.8. Because no login is required (High severity; CVSS 7.2), an external attacker can...
by Ivan Sorkin | Feb 2, 2026 | Themes
Attack Vectors CVE-2025-69367 is a High severity vulnerability (CVSS 7.2) affecting the Oyster – Photography WordPress Theme (slug: oyster) in versions up to and including 4.4.3. It is an Unauthenticated Stored Cross-Site Scripting (Stored XSS) issue, meaning an...
by Ivan Sorkin | Feb 2, 2026 | Themes
Attack Vectors CVE-2025-67547 affects the Konte – Minimal & Modern WooCommerce Theme (slug: konte) in versions up to and including 2.4.6. Because the issue is a missing authorization (capability) check, an unauthenticated attacker can reach a vulnerable...
by Ivan Sorkin | Feb 2, 2026 | Themes
Attack Vectors Capella (capella) theme versions 2.5.5 and earlier are affected by a High-severity vulnerability (CVSS 8.1) identified as CVE-2025-69370. The issue is described as unauthenticated PHP Object Injection through the deserialization of untrusted input,...
Recent Comments