by Ivan Sorkin | Mar 12, 2026 | Themes
Attack Vectors CVE-2026-22451 impacts the Handyman theme for WordPress (handyman-services) up to and including version 1.4. Because it is an unauthenticated issue, an external attacker does not need a WordPress login to attempt exploitation, which increases practical...
by Ivan Sorkin | Mar 12, 2026 | Themes
Attack Vectors CVE-2026-22453 affects the Pets Club – Pet Care WordPress Theme + Shop (slug: petclub) in versions up to and including 2.3. The issue is rated High severity with a CVSS 8.1 score (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H), meaning it can be...
by Ivan Sorkin | Mar 12, 2026 | Themes
Attack Vectors CVE-2026-22454 is a High-severity vulnerability (CVSS 8.1) affecting the Solaris WordPress theme in versions 2.5 and earlier. The issue is exploitable over the network and does not require an attacker to be logged in (unauthenticated). In practical...
by Ivan Sorkin | Mar 12, 2026 | Themes
Attack Vectors CVE-2026-22455 is a Medium severity issue (CVSS 6.1; CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N) affecting the Thebe – Portfolio WordPress Theme (slug: thebe) in versions up to and including 1.3.0. This is a Reflected Cross-Site Scripting (XSS)...
by Ivan Sorkin | Mar 12, 2026 | Themes
Attack Vectors CVE-2026-27332 is a Medium-severity reflected cross-site scripting (XSS) issue affecting the agrofood WordPress theme in versions up to and including 1.3.0 (CVSS 3.1 score: 6.1). The attack is network-based and can be performed by an unauthenticated...
by Ivan Sorkin | Mar 10, 2026 | Themes
Attack Vectors Affected product: Astra theme for WordPress (slug: astra) versions up to and including 4.12.3. Vulnerability: CVE-2026-3534 (Severity: Medium, CVSS 6.4; vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N). Public record:...
Recent Comments