CVE-2026-39622 WordPress Education Base theme <= 3.0.8 - Broken Access Control vulnerability

Missing Authorization vulnerability in acmethemes Education Base education-base allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Education Base: from n/a through = 3.0.8...

CVE-2026-39622

The CVE-2026-39622 entry describes a Missing Authorization vulnerability in the acmethemes Education Base WordPress theme (education-base) affecting versions up to and including 3.0.8. The root cause is Incorrectly Configured Access Control Security Levels, enabling unauthorized access due to bro...

CVE-2026-39622 WordPress Education Base theme <= 3.0.8 - Broken Access Control vulnerability

Missing Authorization vulnerability in acmethemes Education Base education-base allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Education Base: from n/a through = 3.0.8...

CVE-2025-60228 WordPress Knowledge Base theme <= 2.9 - PHP Object Injection vulnerability

Deserialization of Untrusted Data vulnerability in designthemes Knowledge Base kbase allows Object Injection.This issue affects Knowledge Base: from n/a through = 2.9...

CVE-2025-60228 WordPress Knowledge Base theme <= 2.9 - PHP Object Injection vulnerability

Deserialization of Untrusted Data vulnerability in designthemes Knowledge Base kbase allows Object Injection.This issue affects Knowledge Base: from n/a through = 2.9...

MAL-2025-5959 Malicious code in tailwind-base-theme (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 8582e0acc5f7199f1f7af95aaad0689d758cd9b4cd7110c3d2291ff6751eb5da Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

WordPress Catch Base theme <= 3.4.6 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Michael Patchstack Alliance in WordPress Theme Catch Base versions = 3.4.6...

WordPress Catch Base Theme <= 3.4.6 is vulnerable to Cross Site Scripting (XSS)

Software Catch Base Type Theme Vulnerable versions = 3.4.6 Fixed in 3.4.7 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-47313 Patch priority Low CVSS severity Low 5.1 Developer Claim ownership PSID 4b5d07c67db7 Credits Michael Required privilege Author Published ...

DRUPAL-CONTRIB-2022-060

The Social Base theme is designed as a base theme for Open Social. This base theme holds has a lot of sensible defaults. It doesn't however contain much styling. We expect developers to want to change this for their own project. When content within the Open Social distribution is placed within a...

Social Base - Moderately critical - Access bypass - SA-CONTRIB-2022-060

The Social Base theme is designed as a base theme for Open Social. This base theme holds has a lot of sensible defaults. It doesn't however contain much styling. We expect developers to want to change this for their own project. When content within the Open Social distribution is placed within a...

Malicious code in here_base_theme_v2 (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware db50d9a1d1f84f2de476e484af2c0192b0d6a28e77f68ed365d8602ec957324a Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...