56 matches found
CVE-2025-12895
The Kalium 3 | Creative WordPress & WooCommerce Theme theme for WordPress is vulnerable to unauthorized email sending due to a missing capability check on the kaliumvccontactformrequest function in all versions up to, and including, 3.29. This makes it possible for unauthenticated attackers to us...
WordPress Kalium plugin <= 3.29 - Missing Authorization to Unauthenticated Mail Relay via kalium_vc_contact_form_request vulnerability
Missing Authorization to Unauthenticated Mail Relay via kaliumvccontactformrequest vulnerability discovered by Ahmed Rayen Ayari in WordPress Theme Kalium versions = 3.29...
CVE-2025-12895
The Kalium 3 | Creative WordPress & WooCommerce Theme theme for WordPress is vulnerable to unauthorized email sending due to a missing capability check on the kaliumvccontactformrequest function in all versions up to, and including, 3.29. This makes it possible for unauthenticated attackers to us...
CVE-2025-12895 Kalium <= 3.29 - Missing Authorization to Unauthenticated Mail Relay via kalium_vc_contact_form_request
The Kalium 3 | Creative WordPress & WooCommerce Theme theme for WordPress is vulnerable to unauthorized email sending due to a missing capability check on the kaliumvccontactformrequest function in all versions up to, and including, 3.29. This makes it possible for unauthenticated attackers to us...
CVE-2025-12895 Kalium <= 3.29 - Missing Authorization to Unauthenticated Mail Relay via kalium_vc_contact_form_request
The Kalium 3 | Creative WordPress & WooCommerce Theme theme for WordPress is vulnerable to unauthorized email sending due to a missing capability check on the kaliumvccontactformrequest function in all versions up to, and including, 3.29. This makes it possible for unauthenticated attackers to us...
EUVD-2026-2816
The Kalium 3 | Creative WordPress & WooCommerce Theme theme for WordPress is vulnerable to unauthorized email sending due to a missing capability check on the kaliumvccontactformrequest function in all versions up to, and including, 3.29. This makes it possible for unauthenticated attackers to us...
CVE-2025-12895
The Kalium 3 | Creative WordPress & WooCommerce Theme theme for WordPress is vulnerable to unauthorized email sending due to a missing capability check on the kaliumvccontactformrequest function in all versions up to, and including, 3.29. This makes it possible for unauthenticated attackers to us...
CVE-2025-12895
CVE-2025-12895 concerns Kalium 3 (Creative WordPress & WooCommerce Theme) before version 3.29. The issue is an unauthorized email sending capability due to a missing authorization check in kalium_vc_contact_form_request(), allowing unauthenticated actors to use the site as an open mail relay to s...
PT-2026-3002
The Kalium 3 | Creative WordPress & WooCommerce Theme theme for WordPress is vulnerable to unauthorized email sending due to a missing capability check on the kalium vc contact form request function in all versions up to, and including, 3.29. This makes it possible for unauthenticated attackers t...
WordPress plugin Kalium has a security vulnerability
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...
CVE-2020-24075
Cross Site Scripting XSS vulnerability in Name Input Field in Contact Us form in Laborator Kalium before 3.0.4, allows remote attackers to execute arbitrary code...
CVE-2025-53349
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Laborator Kalium kalium allows Reflected XSS.This issue affects Kalium: from n/a through = 3.18.3...
CVE-2025-53349
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Laborator Kalium kalium allows Reflected XSS.This issue affects Kalium: from n/a through = 3.18.3...
CVE-2025-53349 WordPress Kalium Theme <= 3.18.3 - Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Laborator Kalium kalium allows Reflected XSS.This issue affects Kalium: from n/a through = 3.18.3...
EUVD-2025-37993
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Laborator Kalium kalium allows Reflected XSS.This issue affects Kalium: from n/a through = 3.18.3...
CVE-2025-53349 WordPress Kalium Theme <= 3.18.3 - Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Laborator Kalium kalium allows Reflected XSS.This issue affects Kalium: from n/a through = 3.18.3...
CVE-2025-53349
CVE-2025-53349 concerns the WordPress Kalium Theme (
WordPress plugin Kalium 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site...
PT-2025-45228
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Laborator Kalium kalium allows Reflected XSS.This issue affects Kalium: from n/a through = 3.18.3...
CVE-2025-49926
Improper Control of Generation of Code 'Code Injection' vulnerability in Laborator Kalium kalium allows Code Injection.This issue affects Kalium: from n/a through = 3.25...