by Ivan Sorkin | Mar 6, 2026 | Themes
Attack Vectors CVE-2025-31912 is a Critical vulnerability (CVSS 9.8) affecting the Enzio – Responsive Business WordPress Theme (slug: enzio) in versions earlier than 1.2.6. Because it is unauthenticated, attackers can attempt to exploit it over the internet...
by Ivan Sorkin | Mar 6, 2026 | Themes
Attack Vectors CVE-2025-31064 is a Critical vulnerability (CVSS 9.8, CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) affecting the Vizeon – Business Consulting WordPress theme (slug: vizeon) in versions below 1.2.1. It is an unauthenticated Local File Inclusion...
by Ivan Sorkin | Mar 6, 2026 | Themes
Attack Vectors CVE-2025-32595 is a Critical vulnerability (CVSS 9.8) affecting the Krowd – Crowdfunding & Charity WordPress Theme (slug: krowd) in versions prior to 1.5.0. The issue is an Unauthenticated Local File Inclusion (LFI), meaning an attacker can...
by Ivan Sorkin | Mar 6, 2026 | Themes
Attack Vectors CVE-2024-43334 is a Medium-severity reflected cross-site scripting (XSS) issue affecting multiple WordPress themes by gavias, including the Constix – Construction Factory & Industrial WordPress Theme (slug: constix) in various versions. The...
by Ivan Sorkin | Mar 6, 2026 | Themes
Attack Vectors CVE-2024-43334 affects the Constix – Construction Factory & Industrial WordPress Theme (slug: constix) and is rated Medium severity (CVSS 6.1). The issue is a reflected cross-site scripting (XSS) weakness, meaning an attacker can try to get a...
by Ivan Sorkin | Mar 5, 2026 | Themes
Attack Vectors CVE-2026-27439 affects the Dentario WordPress theme (dentario) in versions up to and including 1.5. The issue is an unauthenticated PHP Object Injection risk caused by deserialization of untrusted input. From a business-risk perspective, the most...
Recent Comments