by Ivan Sorkin | Mar 12, 2026 | Themes
Attack Vectors DeepDigital – Web Design Agency WordPress Theme (slug: deepdigital) versions up to and including 1.0.2 are affected by a Medium-severity reflected cross-site scripting (XSS) vulnerability (CVE-2026-22467, CVSS 6.1). The most common path for this type of...
by Ivan Sorkin | Mar 12, 2026 | Themes
Attack Vectors CVE-2025-69096 is a Medium-severity (CVSS 6.1) Reflected Cross-Site Scripting (XSS) vulnerability affecting the Zorka – Wonderful Fashion WooCommerce Theme (WordPress theme slug: zorka) in versions up to and including 1.5.7. This issue can be exploited...
by Ivan Sorkin | Mar 12, 2026 | Themes
Attack Vectors CVE-2026-28036 is a Medium-severity Server-Side Request Forgery (SSRF) issue (CVSS 6.4) affecting the Restaurant WordPress Theme | Ratatouille theme (slug: ratatouille) in versions up to and including 1.2.6. The key exposure is that an attacker needs...
by Ivan Sorkin | Mar 12, 2026 | Themes
Attack Vectors CarZone – A Complete Car Dealer HTML Wire-Frame (slug: carzone) is affected by CVE-2026-27338, a High severity issue (CVSS 7.5; CVE record) that can be triggered over the network by an authenticated user with Subscriber-level access or higher....
by Ivan Sorkin | Mar 12, 2026 | Themes
Attack Vectors CVE-2026-24960 is a High severity vulnerability (CVSS 8.8) affecting the Charety – Charity & Donation WordPress Theme (slug: charety) in versions prior to 2.0.2. The issue allows an attacker with an authenticated WordPress account (including...
by Ivan Sorkin | Mar 12, 2026 | Themes
Attack Vectors CVE-2026-22417 is a High-severity vulnerability (CVSS 8.1) affecting the Grand Wedding WordPress theme (slug: grandwedding) in versions <= 3.1.0. The issue is described as an unauthenticated PHP Object Injection, meaning an attacker can target...
Recent Comments