by Ivan Sorkin | Mar 12, 2026 | Themes
Attack Vectors High severity vulnerability (CVSS 8.8) affecting Keenarch – Building & Construction WordPress Theme (slug: keenarch) in versions before 2.0.1. The issue is an authenticated (Subscriber+) arbitrary file upload risk, meaning an attacker needs a...
by Ivan Sorkin | Mar 12, 2026 | Themes
Attack Vectors CVE-2025-68553 is a medium-severity vulnerability (CVSS 5.3) affecting the Lendiz – Loan & Funding Agency WordPress theme (slug: lendiz) in versions prior to 2.0.1. The issue is described as an authenticated (Subscriber+) arbitrary file upload...
by Ivan Sorkin | Mar 12, 2026 | Themes
Attack Vectors CVE-2025-68555 is a High-severity vulnerability (CVSS 8.8) affecting the Nutrie – Health Coach and Nutrition WordPress Theme (slug: nutrie) in versions earlier than 2.0.1. The issue can be exploited by an attacker who already has a login on your...
by Ivan Sorkin | Mar 12, 2026 | Themes
Attack Vectors TheBi theme for WordPress (versions up to and including 1.0.5) has a Medium-severity vulnerability (CVSS 6.1) identified as CVE-2026-22438 involving reflected cross-site scripting (XSS). This type of issue can be exploited remotely over the internet and...
by Ivan Sorkin | Mar 12, 2026 | Themes
The thecs WordPress theme (versions ≤ 1.4.7) has a Medium-severity Reflected Cross-Site Scripting (XSS) vulnerability tracked as CVE-2026-22440 (CVSS 6.1, vector CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N). This issue can allow an unauthenticated attacker to...
by Ivan Sorkin | Mar 12, 2026 | Themes
Attack Vectors CVE-2025-54001 is a High-severity vulnerability (CVSS 8.1) affecting the Classter | Multi-Purpose HTML Theme for WordPress (slug: classter) in versions up to and including 2.5. It is exploitable over the network without authentication (CVSS vector:...
Recent Comments