457711 matches found
CVE-2026-40739 WordPress LuxeDrive theme <= 1.4 - PHP Object Injection vulnerability
Unauthenticated PHP Object Injection in LuxeDrive = 1.4 versions...
CVE-2026-40739
CVE-2026-40739 affects the WordPress LuxeDrive theme versions
CVE-2026-40736
WordPress Laurits theme
CVE-2026-40736 WordPress Laurits theme <= 1.5.1 - PHP Object Injection vulnerability
Unauthenticated PHP Object Injection in Laurits = 1.5.1 versions...
CVE-2026-39580 WordPress Micdrop theme <= 1.3.1 - PHP Object Injection vulnerability
Unauthenticated PHP Object Injection in Micdrop = 1.3.1 versions...
CVE-2026-39580
The CVE-2026-39580 entry covers an Unauthenticated PHP Object Injection in the WordPress theme Micdrop versions up to 1.3.1 . The affected component is the Micdrop WordPress theme; the root cause is a PHP Object Injection vulnerability in versions
CVE-2026-39577
CVE-2026-39577 concerns unauthenticated PHP Object Injection in WordPress Playroom theme versions
CVE-2026-39577 WordPress Playroom theme <= 1.4.1 - PHP Object Injection vulnerability
Unauthenticated PHP Object Injection in Playroom = 1.4.1 versions...
CVE-2026-39578
CVE-2026-39578 refers to an unauthenticated PHP Object Injection in WordPress Theme Valiance versions
CVE-2026-39578 WordPress Valiance theme <= 1.2 - PHP Object Injection vulnerability
Unauthenticated PHP Object Injection in Valiance = 1.2 versions...
CVE-2026-39567 WordPress Santé theme <= 1.5.1 - PHP Object Injection vulnerability
Unauthenticated PHP Object Injection in Santé = 1.5.1 versions...
CVE-2026-39557 WordPress NeoBeat theme <= 1.7 - PHP Object Injection vulnerability
Unauthenticated PHP Object Injection in NeoBeat = 1.7 versions...
CVE-2026-39557
CVE-2026-39557 describes an unauthenticated PHP Object Injection in the WordPress NeoBeat theme, version ≤ 1.7. The underlying issue is a PHP object injection vulnerability in NeoBeat’s code path, enabling unauthenticated attackers to potentially manipulate objects and achieve arbitrary code exec...
CVE-2026-39567
CVE-2026-39567 concerns the WordPress Santé theme (versions ≤ 1.5.1) with an unauthenticated PHP Object Injection vulnerability. The issue arises in Santé’s PHP handling, enabling an attacker with network access (no user interaction, no privileges) to exploit a PHP Object Injection vector. The CV...
CVE-2026-39554 WordPress Fidalgo theme <= 1.2.2 - PHP Object Injection vulnerability
Unauthenticated PHP Object Injection in Fidalgo = 1.2.2 versions...
CVE-2026-39554
CVE-2026-39554 concerns WordPress Theme Fidalgo (versions
CVE-2026-39529 WordPress Elementra theme <= 1.0.9 - PHP Object Injection vulnerability
Unauthenticated PHP Object Injection in Elementra = 1.0.9 versions...
CVE-2026-39539 WordPress Alloggio - Hotel Booking theme <= 2.1.2 - PHP Object Injection vulnerability
Unauthenticated PHP Object Injection in Alloggio - Hotel Booking = 2.1.2 versions...
CVE-2026-39529
The CVE identifies an unauthenticated PHP Object Injection in WordPress Elementra theme
CVE-2026-39539
Summary: CVE-2026-39539 concerns unauthenticated PHP Object Injection in the WordPress plugin/theme “Alloggio - Hotel Booking” versions ≤ 2.1.2. The affected component is the Alloggio Hotel Booking theme; the underlying issue is described as a PHP Object Injection vulnerability. The CVSS base sco...