CVE-2026-24612

CVE-2026-24612 is a missing Authorization vulnerability in the WordPress plugin/theme Orchid Store (theme version 1.5.15) or apply vendor-provided fixes once available. If no upgrade is feasible, monitor for official patches and advisories from the vendor.

CVE-2026-24612 WordPress Orchid Store theme <= 1.5.15 - Broken Access Control vulnerability

Missing Authorization vulnerability in themebeez Orchid Store orchid-store allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Orchid Store: from n/a through = 1.5.15...

CVE-2026-24612 WordPress Orchid Store theme <= 1.5.15 - Broken Access Control vulnerability

Missing Authorization vulnerability in themebeez Orchid Store orchid-store allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Orchid Store: from n/a through = 1.5.15...

EUVD-2024-47966

Malicious code in bioql PyPI...

CVE-2024-6987

The Orchid Store theme for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'orchidstoreactivateplugin' function in all versions up to, and including, 1.5.6. This makes it possible for authenticated attackers, with Subscriber-level access and...

WordPress Orchid Store theme <= 1.5.6 - Missing Authorization to Authenticated (Subscriber+) Limited Plugin Activation vulnerability

Missing Authorization to Authenticated Subscriber+ Limited Plugin Activation vulnerability discovered by Lucio Sá in WordPress Theme Orchid Store versions = 1.5.6...

WordPress theme Orchid Store 安全漏洞

WordPress is a blogging platform developed in the PHP language by the WordPress Foundation. The platform supports personal blog sites on PHP and MySQL servers.WordPress theme is a theme for WordPress. A security vulnerability exists in WordPress theme Orchid Store version 1.5.6 and earlier...