56 matches found
CVE-2025-12895
The Kalium 3 | Creative WordPress & WooCommerce Theme theme for WordPress is vulnerable to unauthorized email sending due to a missing capability check on the kaliumvccontactformrequest function in all versions up to, and including, 3.29. This makes it possible for unauthenticated attackers to us...
WordPress Kalium plugin <= 3.29 - Missing Authorization to Unauthenticated Mail Relay via kalium_vc_contact_form_request vulnerability
Missing Authorization to Unauthenticated Mail Relay via kaliumvccontactformrequest vulnerability discovered by Ahmed Rayen Ayari in WordPress Theme Kalium versions = 3.29...
CVE-2025-12895
The Kalium 3 | Creative WordPress & WooCommerce Theme theme for WordPress is vulnerable to unauthorized email sending due to a missing capability check on the kaliumvccontactformrequest function in all versions up to, and including, 3.29. This makes it possible for unauthenticated attackers to us...
EUVD-2026-2816
The Kalium 3 | Creative WordPress & WooCommerce Theme theme for WordPress is vulnerable to unauthorized email sending due to a missing capability check on the kaliumvccontactformrequest function in all versions up to, and including, 3.29. This makes it possible for unauthenticated attackers to us...
CVE-2025-12895
The Kalium 3 | Creative WordPress & WooCommerce Theme theme for WordPress is vulnerable to unauthorized email sending due to a missing capability check on the kaliumvccontactformrequest function in all versions up to, and including, 3.29. This makes it possible for unauthenticated attackers to us...
CVE-2025-12895 Kalium <= 3.29 - Missing Authorization to Unauthenticated Mail Relay via kalium_vc_contact_form_request
The Kalium 3 | Creative WordPress & WooCommerce Theme theme for WordPress is vulnerable to unauthorized email sending due to a missing capability check on the kaliumvccontactformrequest function in all versions up to, and including, 3.29. This makes it possible for unauthenticated attackers to us...
CVE-2025-12895 Kalium <= 3.29 - Missing Authorization to Unauthenticated Mail Relay via kalium_vc_contact_form_request
The Kalium 3 | Creative WordPress & WooCommerce Theme theme for WordPress is vulnerable to unauthorized email sending due to a missing capability check on the kaliumvccontactformrequest function in all versions up to, and including, 3.29. This makes it possible for unauthenticated attackers to us...
CVE-2025-12895
CVE-2025-12895 concerns Kalium 3 (Creative WordPress & WooCommerce Theme) before version 3.29. The issue is an unauthorized email sending capability due to a missing authorization check in kalium_vc_contact_form_request(), allowing unauthenticated actors to use the site as an open mail relay to s...
WordPress plugin Kalium has a security vulnerability
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...
PT-2026-3002
The Kalium 3 | Creative WordPress & WooCommerce Theme theme for WordPress is vulnerable to unauthorized email sending due to a missing capability check on the kalium vc contact form request function in all versions up to, and including, 3.29. This makes it possible for unauthenticated attackers t...
CVE-2020-24075
Cross Site Scripting XSS vulnerability in Name Input Field in Contact Us form in Laborator Kalium before 3.0.4, allows remote attackers to execute arbitrary code...
CVE-2025-53349
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Laborator Kalium kalium allows Reflected XSS.This issue affects Kalium: from n/a through = 3.18.3...
CVE-2025-53349
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Laborator Kalium kalium allows Reflected XSS.This issue affects Kalium: from n/a through = 3.18.3...
CVE-2025-53349 WordPress Kalium Theme <= 3.18.3 - Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Laborator Kalium kalium allows Reflected XSS.This issue affects Kalium: from n/a through = 3.18.3...
CVE-2025-53349
CVE-2025-53349 concerns the WordPress Kalium Theme (
CVE-2025-53349 WordPress Kalium Theme <= 3.18.3 - Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Laborator Kalium kalium allows Reflected XSS.This issue affects Kalium: from n/a through = 3.18.3...
EUVD-2025-37993
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Laborator Kalium kalium allows Reflected XSS.This issue affects Kalium: from n/a through = 3.18.3...
PT-2025-45228
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Laborator Kalium kalium allows Reflected XSS.This issue affects Kalium: from n/a through = 3.18.3...
WordPress plugin Kalium 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site...
CVE-2025-49926
Improper Control of Generation of Code 'Code Injection' vulnerability in Laborator Kalium kalium allows Code Injection.This issue affects Kalium: from n/a through = 3.25...