CVE-2026-41557

Unauthenticated Cross Site Scripting XSS in Kapee 1.7.1 versions...

CVE-2026-39446

Unauthenticated PHP Object Injection in Kapee 1.7.0 versions...

CVE-2026-41557 WordPress Kapee theme < 1.7.1 - Cross Site Scripting (XSS) vulnerability

Unauthenticated Cross Site Scripting XSS in Kapee 1.7.1 versions...

CVE-2026-41557

CVE-2026-41557 concerns WordPress theme Kapee prior to version 1.7.1, where an unauthenticated Cross Site Scripting (XSS) vulnerability exists in the theme. The Patchstack entry attributes a CVSS v3.1 base score of 7.1 (HIGH) with NETWORK attack vector, LOW confidentiality/integrity/availability ...

EUVD-2026-37606

Unauthenticated Cross Site Scripting XSS in Kapee 1.7.1 versions...

CVE-2026-39446

The CVE-2026-39446 entry describes an unauthenticated PHP Object Injection in WordPress Kapee theme versions prior to 1.7.0. The root cause is a PHP object injection flaw in the Kapee theme’s code path, enabling an attacker with network access and no user interaction to trigger impact. Impact is ...

CVE-2026-39446 WordPress Kapee theme < 1.7.0 - PHP Object Injection vulnerability

Unauthenticated PHP Object Injection in Kapee 1.7.0 versions...

WordPress Kapee theme < 1.7.1 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Kapee versions 1.7.1...

WordPress Kapee theme < 1.7.0 - PHP Object Injection vulnerability

PHP Object Injection vulnerability discovered by Phat RiO in WordPress Theme Kapee versions 1.7.0...