CVE-2024-13636

Rejected reason: REJECT DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2024-24926. Reason: This candidate is a reservation duplicate of CVE-2024-24926. Notes: All CVE users should reference CVE-2024-24926 instead of this candidate. All references and descriptions in this candidate have been...

CVE-2024-13636

...

CVE-2024-13636

CVE-2024-13636 is rejected/not used and does not represent an active vulnerability entry.

CVE-2024-13636

...

PT-2025-6588 · WordPress · Brooklyn

Name of the Vulnerable Software and Affected Versions: Brooklyn theme for WordPress versions up to, and including, 4.9.9.2 Description: The vulnerability is related to PHP Object Injection, which occurs through the deserialization of untrusted input in the ot decode function. This allows...

CVE-2024-24926

Deserialization of Untrusted Data vulnerability in UnitedThemes Brooklyn | Creative Multi-Purpose Responsive WordPress Theme.This issue affects Brooklyn | Creative Multi-Purpose Responsive WordPress Theme: from n/a through 4.9.7.6...

CVE-2024-24926 WordPress Brooklyn Theme <= 4.9.7.6 is vulnerable to PHP Object Injection

Deserialization of Untrusted Data vulnerability in UnitedThemes Brooklyn | Creative Multi-Purpose Responsive WordPress Theme.This issue affects Brooklyn | Creative Multi-Purpose Responsive WordPress Theme: from n/a through 4.9.7.6...

CVE-2024-24927 WordPress Brooklyn Theme <= 4.9.7.6 is vulnerable to Cross Site Scripting (XSS)

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in UnitedThemes Brooklyn | Creative Multi-Purpose Responsive WordPress Theme allows Reflected XSS.This issue affects Brooklyn | Creative Multi-Purpose Responsive WordPress Theme: from n/a through...

Brooklyn <= 4.9.7.6 - PHP Object Injection

Description The brooklyn theme for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 4.9.7.6 via deserialization of untrusted input from an unknown parameter. This makes it possible for authenticated attackers, with subscriber access and above, to inject a PHP...

PT-2024-20665 · WordPress · Unitedthemes Brooklyn

Name of the Vulnerable Software and Affected Versions: UnitedThemes Brooklyn | Creative Multi-Purpose Responsive WordPress Theme versions through 4.9.7.6 Description: The issue affects the UnitedThemes Brooklyn | Creative Multi-Purpose Responsive WordPress Theme, allowing Reflected XSS due to...

WordPress Brooklyn Theme <= 4.9.7.6 is vulnerable to PHP Object Injection

Software Brooklyn Type Theme Vulnerable versions = 4.9.7.6 Fixed in N/A OWASP Top 10 A3: Injection Classification PHP Object Injection CVE CVE-2024-24926 Patch priority Medium CVSS severity Medium 7.5 Developer Claim ownership PSID 088c56b0b572 Credits Rafie Muhammad Patchstack Required privilege...

WordPress Brooklyn Theme <= 4.9.7.6 is vulnerable to Cross Site Scripting (XSS)

Software Brooklyn Type Theme Vulnerable versions = 4.9.7.6 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-24927 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 61a468418831 Credits Rafie Muhammad Patchstack Required...