by Ivan Sorkin | Mar 19, 2026 | Themes
Attack Vectors CVE-2026-24973 is a Medium-severity (CVSS 6.1) reflected cross-site scripting (XSS) issue affecting the Support for CitiLights – Real Estate WordPress Theme (slug: noo-citilights) in versions up to and including 3.7.1. Because this is a reflected...
by Ivan Sorkin | Mar 19, 2026 | Themes
Attack Vectors CVE-2026-22507 affects the Beelove | Honey Production and Sweets Online Store WordPress Theme (slug: beelove) in versions up to and including 1.2.6. The issue is rated High severity (CVSS 8.1), and it is unauthenticated, meaning an attacker does not...
by Ivan Sorkin | Mar 19, 2026 | Themes
Attack Vectors CVE-2026-22510 is a High-severity vulnerability (CVSS 8.1; CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H) affecting the Melody theme for WordPress (product/slug: melodyschool) in versions up to and including 1.6.3. Because it is unauthenticated, an...
by Ivan Sorkin | Mar 19, 2026 | Themes
Attack Vectors CVE-2026-27084 is a High-severity vulnerability (CVSS 8.1) affecting the Buisson WordPress theme (slug: buisson) in versions up to and including 1.1.11. Details are published at the CVE record and in the original advisory. This issue is unauthenticated,...
by Ivan Sorkin | Mar 19, 2026 | Themes
Attack Vectors CVE-2026-27083 affects the Work & Travel Company – Youth Programs WordPress theme (slug: work-travel-company) in versions <= 1.2. The issue is rated High severity with a CVSS score of 8.1. This vulnerability can be targeted remotely over...
by Ivan Sorkin | Mar 19, 2026 | Themes
Attack Vectors Love Story (lovestory) theme for WordPress is affected by CVE-2026-27082, a High severity issue (CVSS 8.1) involving PHP deserialization of untrusted input. Because the vulnerability is unauthenticated, an attacker does not need a valid WordPress...
Recent Comments