CVE-2026-22434 WordPress Crown Art theme <= 1.2.11 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in AncoraThemes Crown Art crown-art allows PHP Local File Inclusion.This issue affects Crown Art: from n/a through = 1.2.11...

CVE-2026-22434

CVE-2026-22434 details a Local File Inclusion in Crown Art (AncoraThemes Crown Art) WordPress theme. Public sources confirm improper control of filename for include/require statements, leading to PHP Local File Inclusion on Crown Art versions n/a–

CVE-2026-22434 WordPress Crown Art theme <= 1.2.11 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in AncoraThemes Crown Art crown-art allows PHP Local File Inclusion.This issue affects Crown Art: from n/a through = 1.2.11...

WordPress Crown Art theme <= 1.2.11 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Crown Art versions = 1.2.11...

CVE-2025-31422

Deserialization of Untrusted Data vulnerability in designthemes Visual Art | Gallery WordPress Theme visual-arts allows Object Injection.This issue affects Visual Art | Gallery WordPress Theme: from n/a through = 2.4...

CVE-2025-31422

Vulnerability: CVE-2025-31422 in designthemes Visual Art | Gallery WordPress Theme (

CVE-2025-31422 WordPress Visual Art | Gallery WordPress Theme <= 2.4 - PHP Object Injection Vulnerability

Deserialization of Untrusted Data vulnerability in designthemes Visual Art | Gallery WordPress Theme allows Object Injection. This issue affects Visual Art | Gallery WordPress Theme: from n/a through 2.4...

WordPress Visual Art | Gallery WordPress Theme <= 2.4 - PHP Object Injection Vulnerability

PHP Object Injection Vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Visual Art | Gallery WordPress Theme versions = 2.4...

WordPress Red Art theme <= 3.8 - PHP Object Injection Vulnerability

PHP Object Injection Vulnerability discovered by Cút lộn xào me in WordPress Theme Red Art versions = 3.8...

CVE-2025-1778

The Art Theme for WordPress is vulnerable to unauthorized access due to a missing capability check on the 'artthemethemeoptionrestore' AJAX function in all versions up to, and including, 3.12.2.3. This makes it possible for authenticated attackers, with subscriber-level access and above, to delet...

CVE-2025-1778 Art Theme <= 3.12.2.3 - Missing Authorization to Authenticated (Subscriber+) Theme Option Delete

The Art Theme for WordPress is vulnerable to unauthorized access due to a missing capability check on the 'artthemethemeoptionrestore' AJAX function in all versions up to, and including, 3.12.2.3. This makes it possible for authenticated attackers, with subscriber-level access and above, to delet...

CVE-2025-1778 Art Theme <= 3.12.2.3 - Missing Authorization to Authenticated (Subscriber+) Theme Option Delete

The Art Theme for WordPress is vulnerable to unauthorized access due to a missing capability check on the 'artthemethemeoptionrestore' AJAX function in all versions up to, and including, 3.12.2.3. This makes it possible for authenticated attackers, with subscriber-level access and above, to delet...

CVE-2025-1778

CVE-2025-1778 affects Art Theme (WordPress Theme). Root cause: missing capability check on the AJAX function arttheme_theme_option_restore, allowing authenticated attackers with subscriber-level access and above to delete the theme option. Affected versions: all up to and including 3.12.2.3. Reme...

WordPress plugin Art Theme 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

PT-2025-24014 · WordPress · The Art Theme

Name of the Vulnerable Software and Affected Versions: The Art Theme for WordPress versions up to, and including, 3.12.2.3 Description: The issue is related to unauthorized access due to a missing capability check on the 'arttheme theme option restore' AJAX function. This allows authenticated...

WordPress Art Theme plugin <= 3.12.2.3 - Missing Authorization to Authenticated (Subscriber+) Theme Option Delete vulnerability

Missing Authorization to Authenticated Subscriber+ Theme Option Delete vulnerability discovered by István Márton in WordPress Plugin Art Theme versions = 3.12.2.3...