CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

21 matches found

RedhatCVE•added 2026/01/16 2:23 p.m.•2 views

CVE-2025-12895

The Kalium 3 | Creative WordPress & WooCommerce Theme theme for WordPress is vulnerable to unauthorized email sending due to a missing capability check on the kaliumvccontactformrequest function in all versions up to, and including, 3.29. This makes it possible for unauthenticated attackers to us...

5.3CVSS5.6AI score0.00128EPSS

Exploits0References1

NVD•added 2026/01/15 2:16 p.m.•3 views

CVE-2025-12895

5.3CVSS0.00128EPSS

Exploits0References3

EUVD•added 2026/01/15 1:23 p.m.•2 views

EUVD-2026-2816

5.3CVSS5.1AI score0.00128EPSS

Exploits0References5

ATTACKERKB•added 2026/01/15 1:23 p.m.•2 views

CVE-2025-12895

5.3CVSS5.7AI score0.00128EPSS

Exploits0References4

Cvelist•added 2026/01/15 1:23 p.m.•22 views

CVE-2025-12895 Kalium <= 3.29 - Missing Authorization to Unauthenticated Mail Relay via kalium_vc_contact_form_request

5.3CVSS0.00128EPSS

Exploits0References3

Vulnrichment•added 2026/01/15 1:23 p.m.•2 views

CVE-2025-12895 Kalium <= 3.29 - Missing Authorization to Unauthenticated Mail Relay via kalium_vc_contact_form_request

5.3CVSS5.2AI score0.00128EPSS

Exploits0References3

CVE•added 2026/01/15 1:23 p.m.•7 views

CVE-2025-12895

CVE-2025-12895 concerns Kalium 3 (Creative WordPress & WooCommerce Theme) before version 3.29. The issue is an unauthorized email sending capability due to a missing authorization check in kalium_vc_contact_form_request(), allowing unauthenticated actors to use the site as an open mail relay to s...

5.3CVSS5.2AI score0.00128EPSS

Exploits0References3

Positive Technologies•added 2026/01/15 12:0 a.m.•3 views

PT-2026-3002

The Kalium 3 | Creative WordPress & WooCommerce Theme theme for WordPress is vulnerable to unauthorized email sending due to a missing capability check on the kalium vc contact form request function in all versions up to, and including, 3.29. This makes it possible for unauthenticated attackers t...

5.3CVSS5.6AI score0.00128EPSS

Exploits0References4

CVE•added 2025/11/06 3:54 p.m.•2 views

CVE-2025-53349

CVE-2025-53349 concerns the WordPress Kalium Theme (

7.1CVSS6AI score0.00031EPSS

Exploits0References1

Vulnrichment•added 2025/11/06 3:54 p.m.•1 views

CVE-2025-53349 WordPress Kalium Theme <= 3.18.3 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Laborator Kalium kalium allows Reflected XSS.This issue affects Kalium: from n/a through = 3.18.3...

7.1CVSS5.9AI score0.00031EPSS

Exploits0References1

CVE•added 2025/10/22 2:32 p.m.•3 views

CVE-2025-49926

CVE-2025-49926 concerns the WordPress Kalium theme (Kalium) up to version 3.25. Risk arises from an improper generation of code, i.e., a code injection vulnerability that can lead to arbitrary code execution. Affected component: Laborator Kalium kalium (WordPress theme/plugin variant) with versio...

7.2CVSS6.6AI score0.00083EPSS

Exploits0References1

Vulnrichment•added 2025/10/22 2:32 p.m.•1 views

CVE-2025-49926 WordPress Kalium theme <= 3.25 - Arbitrary Code Execution vulnerability

Improper Control of Generation of Code 'Code Injection' vulnerability in Laborator Kalium kalium allows Code Injection.This issue affects Kalium: from n/a through = 3.25...

7.2CVSS6.6AI score0.00083EPSS

Exploits0References1

Cvelist•added 2025/10/22 2:32 p.m.•6 views

CVE-2025-49926 WordPress Kalium theme <= 3.25 - Arbitrary Code Execution vulnerability

Improper Control of Generation of Code 'Code Injection' vulnerability in Laborator Kalium kalium allows Code Injection.This issue affects Kalium: from n/a through = 3.25...

7.2CVSS0.00083EPSS

Exploits0References1

Cvelist•added 2025/09/09 4:25 p.m.•10 views

CVE-2025-53348 WordPress Kalium Theme <= 3.18.3 - Broken Access Control Vulnerability

Missing Authorization vulnerability in Laborator Kalium kalium allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Kalium: from n/a through = 3.18.3...

5.3CVSS0.00057EPSS

Exploits0References1

CVE•added 2025/09/09 4:25 p.m.•12 views

CVE-2025-53348

CVE-2025-53348 is a WordPress Kalium theme vulnerability (versions ≤ 3.18.3) described by Patchstack as a Broken Access Control / Missing Authorization issue, exploitable unauthenticatedly with a CVSS v3.1 base score of 5.3 (Medium). Patchstack notes that a fix is not available, classifying the p...

5.3CVSS5.9AI score0.00057EPSS

Exploits0References1

Patchstack•added 2025/08/21 12:0 a.m.•5 views

WordPress Kalium Theme <= 3.18.3 is vulnerable to Broken Access Control

Software Kalium Type Theme Vulnerable versions = 3.18.3 Fixed in N/A OWASP Top 10 A4: Insecure Design Classification Broken Access Control CVE CVE-2025-53348 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID f2f57429b255 Credits Ananda Dhakal Patchstack Required privilege...

6.5AI score0.00057EPSS

Exploits0References1Affected Software1

Vulnrichment•added 2025/08/14 6:21 p.m.•2 views

CVE-2025-53347 WordPress Kalium Theme <= 3.18.3 - Cross Site Request Forgery (CSRF) Vulnerability

Cross-Site Request Forgery CSRF vulnerability in Laborator Kalium kalium allows Cross Site Request Forgery.This issue affects Kalium: from n/a through = 3.18.3...

4.3CVSS5.1AI score0.00028EPSS

Exploits0References1

Cvelist•added 2025/08/14 6:21 p.m.•8 views

CVE-2025-53347 WordPress Kalium Theme <= 3.18.3 - Cross Site Request Forgery (CSRF) Vulnerability

Cross-Site Request Forgery CSRF vulnerability in Laborator Kalium kalium allows Cross Site Request Forgery.This issue affects Kalium: from n/a through = 3.18.3...

4.3CVSS0.00028EPSS

Exploits0References1

Patchstack•added 2025/08/14 4:17 p.m.•4 views

WordPress Kalium Theme <= 3.18.3 - Cross Site Request Forgery (CSRF) Vulnerability

Cross Site Request Forgery CSRF Vulnerability discovered by Ananda Dhakal Patchstack in WordPress Theme Kalium versions = 3.18.3...

4.3CVSS6.8AI score0.00028EPSS

Exploits0Affected Software1

Patchstack•added 2025/08/14 12:0 a.m.•4 views

WordPress Kalium Theme <= 3.18.3 is vulnerable to Cross Site Request Forgery (CSRF)

Software Kalium Type Theme Vulnerable versions = 3.18.3 Fixed in N/A OWASP Top 10 A1: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2025-53347 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 959fedc4e441 Credits Ananda Dhakal Patchstack...

4.3CVSS7AI score0.00028EPSS

Exploits0References1Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by