Lucene search
K

93340 matches found

Cvelist
Cvelist
added 2026/03/05 5:53 a.m.27 views

CVE-2026-27337 WordPress Chronicle - Lifestyle Magazine & Blog WordPress Theme theme <= 1.0 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in AncoraThemes Chronicle - Lifestyle Magazine & Blog WordPress Theme chronicle allows PHP Local File Inclusion.This issue affects Chronicle - Lifestyle Magazine & Blog WordPress...

8.1CVSS0.00512EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/03/05 5:53 a.m.1 views

CVE-2026-22501 WordPress Mounthood theme <= 1.3.2 - PHP Object Injection vulnerability

Deserialization of Untrusted Data vulnerability in axiomthemes Mounthood mounthood allows Object Injection.This issue affects Mounthood: from n/a through = 1.3.2...

9.8CVSS5.8AI score0.0051EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/03/05 5:53 a.m.28 views

CVE-2026-22501 WordPress Mounthood theme <= 1.3.2 - PHP Object Injection vulnerability

Deserialization of Untrusted Data vulnerability in axiomthemes Mounthood mounthood allows Object Injection.This issue affects Mounthood: from n/a through = 1.3.2...

9.8CVSS0.0051EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/03/05 5:53 a.m.4 views

CVE-2026-23798 WordPress PowerPress Podcasting plugin <= 11.15.10 - PHP Object Injection vulnerability

Deserialization of Untrusted Data vulnerability in blubrry PowerPress Podcasting powerpress allows Object Injection.This issue affects PowerPress Podcasting: from n/a through = 11.15.10...

8.8CVSS5.8AI score0.00482EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/03/05 5:53 a.m.32 views

CVE-2026-22477 WordPress Felizia theme <= 1.3.4 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in AncoraThemes Felizia felizia allows PHP Local File Inclusion.This issue affects Felizia: from n/a through = 1.3.4...

8.1CVSS0.00403EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/03/05 5:53 a.m.27 views

CVE-2026-22497 WordPress Jardi theme <= 1.7.2 - PHP Object Injection vulnerability

Deserialization of Untrusted Data vulnerability in AncoraThemes Jardi jardi allows Object Injection.This issue affects Jardi: from n/a through = 1.7.2...

9.8CVSS0.0051EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/03/05 5:53 a.m.30 views

CVE-2026-22476 WordPress Etchy theme <= 1.0 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Elated-Themes Etchy etchy allows PHP Local File Inclusion.This issue affects Etchy: from n/a through = 1.0...

8.1CVSS0.00403EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/03/05 5:53 a.m.2 views

CVE-2026-22497 WordPress Jardi theme <= 1.7.2 - PHP Object Injection vulnerability

Deserialization of Untrusted Data vulnerability in AncoraThemes Jardi jardi allows Object Injection.This issue affects Jardi: from n/a through = 1.7.2...

9.8CVSS5.8AI score0.0051EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/03/05 5:53 a.m.3 views

CVE-2026-22478 WordPress FindAll theme <= 1.4 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Elated-Themes FindAll findall allows PHP Local File Inclusion.This issue affects FindAll: from n/a through = 1.4...

5.8AI score0.00504EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/03/05 5:53 a.m.1 views

CVE-2026-22475 WordPress Estate theme <= 1.3.4 - PHP Object Injection vulnerability

Deserialization of Untrusted Data vulnerability in axiomthemes Estate estate allows Object Injection.This issue affects Estate: from n/a through = 1.3.4...

5.8AI score0.00389EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/03/05 5:53 a.m.2 views

CVE-2026-22474 WordPress Equestrian Centre theme <= 1.5 - PHP Object Injection vulnerability

Deserialization of Untrusted Data vulnerability in ThemeREX Equestrian Centre equestrian-centre allows Object Injection.This issue affects Equestrian Centre: from n/a through = 1.5...

5.8AI score0.00389EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/03/05 5:53 a.m.35 views

CVE-2026-22471 WordPress Secudeal Payments for Ecommerce plugin <= 1.1 - PHP Object Injection vulnerability

Deserialization of Untrusted Data vulnerability in maximsecudeal Secudeal Payments for Ecommerce secudeal-payments-for-ecommerce allows Object Injection.This issue affects Secudeal Payments for Ecommerce: from n/a through = 1.1...

8.8CVSS0.00358EPSS
Exploits0References1
CVE
CVE
added 2026/03/05 5:53 a.m.7 views

CVE-2026-22475

CVE-2026-22475 describes a deserialization of untrusted data vulnerability in the WordPress theme Estate (vulnerable from n/a to 1.3.4). The root cause is unauthenticated PHP Object Injection due to deserializing untrusted input, enabling potential manipulation of objects within Estate. The CVSSv...

9.8CVSS5.9AI score0.00389EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/03/05 5:53 a.m.30 views

CVE-2026-22473 WordPress Dental Clinic theme <= 3.7 - PHP Object Injection vulnerability

Deserialization of Untrusted Data vulnerability in designthemes Dental Clinic dental allows Object Injection.This issue affects Dental Clinic: from n/a through = 3.7...

8.8CVSS0.00368EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/03/05 5:53 a.m.4 views

CVE-2026-22454 WordPress Solaris theme <= 2.5 - PHP Object Injection vulnerability

Deserialization of Untrusted Data vulnerability in ThemeREX Solaris solaris allows Object Injection.This issue affects Solaris: from n/a through = 2.5...

5.8AI score0.0051EPSS
Exploits0References1
CVE
CVE
added 2026/03/05 5:53 a.m.7 views

CVE-2026-22453

CVE-2026-22453 is a deserialization-based PHP Object Injection vulnerability in the ThemeREX Pets Club WordPress theme (Pets Club) affecting versions up to 2.3. The issue arises from deserializing untrusted data, enabling object injection. The vulnerability is rated critical (CVSS 3.1 9.8) with n...

9.8CVSS5.9AI score0.0051EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/03/05 5:53 a.m.29 views

CVE-2026-22453 WordPress Pets Club theme <= 2.3 - PHP Object Injection vulnerability

Deserialization of Untrusted Data vulnerability in ThemeREX Pets Club petclub allows Object Injection.This issue affects Pets Club: from n/a through = 2.3...

9.8CVSS0.0051EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/03/05 5:53 a.m.2 views

CVE-2026-22453 WordPress Pets Club theme <= 2.3 - PHP Object Injection vulnerability

Deserialization of Untrusted Data vulnerability in ThemeREX Pets Club petclub allows Object Injection.This issue affects Pets Club: from n/a through = 2.3...

5.8AI score0.0051EPSS
Exploits0References1
CVE
CVE
added 2026/03/05 5:53 a.m.9 views

CVE-2026-22456

CVE-2026-22456 affects the WordPress theme Askka (Elated-Themes) up to version 1.0, enabling Local File Inclusion due to improper control of filenames for include/require in PHP. Impact is untrusted local file access under unauthenticated conditions; no patch is provided in the connected document...

8.1CVSS5.9AI score0.00504EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/03/05 5:53 a.m.2 views

CVE-2026-22451 WordPress Handyman theme <= 1.4.7 - PHP Object Injection vulnerability

Deserialization of Untrusted Data vulnerability in AncoraThemes Handyman handyman-services allows Object Injection.This issue affects Handyman: from n/a through = 1.4.7...

9.8CVSS5.9AI score0.0051EPSS
Exploits0References1
Rows per page
Query Builder