by Ivan Sorkin | Mar 19, 2026 | Themes
Attack Vectors News Magazine X (WordPress theme, slug: news-magazine-x) versions up to 1.2.50 are affected by CVE-2026-24382, a Medium severity issue (CVSS 5.3; vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N). Because the weakness can be exploited over the...
by Ivan Sorkin | Mar 18, 2026 | Themes
Attack Vectors CVE-2026-27332 is a Medium-severity (CVSS 6.1) Reflected Cross-Site Scripting (XSS) issue affecting the Agrofood – Elementor WooCommerce WordPress Theme (slug: agrofood) in versions prior to 1.4.0. Because this is a reflected XSS, an attacker typically...
by Ivan Sorkin | Mar 18, 2026 | Themes
Attack Vectors CVE-2025-60125 is a Medium-severity issue (CVSS 5.3, CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N) affecting the FoodBook WordPress theme (slug: foodbook) in versions 4.7.6 and below. It is described as an Unauthenticated Sensitive Information Exposure...
by Ivan Sorkin | Mar 18, 2026 | Themes
Attack Vectors CVE-2025-32311 is a Medium-severity Reflected Cross-Site Scripting (XSS) issue affecting the Pressroom – News Magazine WordPress Theme (slug: pressroom) in versions <= 7.0. It can be exploited by unauthenticated attackers over the network (CVSS...
by Ivan Sorkin | Mar 18, 2026 | Themes
Attack Vectors CVE-2024-37930 is a Medium-severity issue (CVSS 5.3) affecting the SmartMag WordPress theme (slug: smartmag-responsive-retina-wordpress-magazine) in versions below 10.1.0. The exposure occurs when log files are publicly accessible on the website....
by Ivan Sorkin | Mar 12, 2026 | Themes
Attack Vectors BuddyApp (WordPress theme) versions up to and including 1.9.2 are affected by a Medium-severity reflected cross-site scripting (XSS) issue tracked as CVE-2026-22465 (CVSS 6.1). The most likely path to exploitation is through social engineering: an...
Recent Comments