Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

9 matches found

Cvelist
Cvelistadded 2026/02/20 3:47 p.m.20 views

CVE-2026-24949 WordPress PhotoMe theme <= 5.7.1 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in ThemeGoods PhotoMe photome allows DOM-Based XSS.This issue affects PhotoMe: from n/a through = 5.7.1...

7.1CVSS0.00045EPSS
Exploits0References1
CVE
CVEadded 2026/02/20 3:47 p.m.7 views

CVE-2026-24949

CVE-2026-24949 affects ThemeGoods PhotoMe photome WordPress theme

7.1CVSS5.5AI score0.00045EPSS
Exploits0References1
Vulnrichment
Vulnrichmentadded 2026/02/20 3:47 p.m.3 views

CVE-2026-24949 WordPress PhotoMe theme <= 5.7.1 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in ThemeGoods PhotoMe photome allows DOM-Based XSS.This issue affects PhotoMe: from n/a through = 5.7.1...

7.1CVSS5.3AI score0.00045EPSS
Exploits0References1
Vulnrichment
Vulnrichmentadded 2026/02/20 3:46 p.m.1 views

CVE-2025-69301 WordPress PhotoMe theme <= 5.6.11 - PHP Object Injection vulnerability

Deserialization of Untrusted Data vulnerability in ThemeGoods PhotoMe photome allows Object Injection.This issue affects PhotoMe: from n/a through = 5.6.11...

5.4AI score0.00061EPSS
Exploits0References1
CVE
CVEadded 2026/02/20 3:46 p.m.5 views

CVE-2025-69301

CVE-2025-69301 describes a PHP object injection due to deserialization of untrusted data in the PhotoMe WordPress theme (Theme PhotoMe/photome). Affected: PhotoMe versions n/a through 5.6.11. Root cause: deserialization of untrusted data enabling object injection. Impact (per CVSS 3.1): high conf...

9.8CVSS5.5AI score0.00061EPSS
Exploits0References1
Patchstack
Patchstackadded 2026/01/27 11:29 a.m.3 views

WordPress PhotoMe theme <= 5.6.11 - PHP Object Injection vulnerability

PHP Object Injection vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Theme PhotoMe versions = 5.6.11...

9.8CVSS5.9AI score0.00061EPSS
Exploits0Affected Software1
Vulnrichment
Vulnrichmentadded 2026/01/22 4:52 p.m.2 views

CVE-2026-24381 WordPress PhotoMe theme < 5.7.2 - Server Side Request Forgery (SSRF) vulnerability

Server-Side Request Forgery SSRF vulnerability in ThemeGoods PhotoMe photome allows Server Side Request Forgery.This issue affects PhotoMe: from n/a through 5.7.2...

5.4CVSS5.4AI score0.00049EPSS
Exploits0References1
CVE
CVEadded 2026/01/22 4:52 p.m.3 views

CVE-2026-24381

CVE-2026-24381 is a SSRF in PhotoMe photome (WordPress theme/plugin) affecting PhotoMe versions before 5.7.2. Public disclosures in multiple feeds confirm an unauthenticated SSRF; Red Hat, CIRCL, NVD, and Wordfence reference this entry. The issue targets the PhotoMe photome component; remediation...

5.4CVSS5.4AI score0.00049EPSS
Exploits0References1
Patchstack
Patchstackadded 2026/01/02 2:41 p.m.2 views

WordPress PhotoMe theme < 5.7.2 - Server Side Request Forgery (SSRF) vulnerability

Server Side Request Forgery SSRF vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme PhotoMe versions 5.7.2...

5.4CVSS5.4AI score0.00049EPSS
Exploits0Affected Software1
Rows per page
Query Builder