CVE-2026-39712 WordPress tagDiv Composer plugin <= 5.4.3 - Arbitrary Shortcode Execution vulnerability

Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS vulnerability in tagDiv tagDiv Composer td-composer allows Code Injection.This issue affects tagDiv Composer: from n/a through = 5.4.3...

CVE-2026-39712

The CVE-2026-39712 issue is in the WordPress tagDiv Composer plugin, specifically the td-composer component, and affects versions up to and including 5.4.3. The root cause is Improper Neutralization of Script-Related HTML Tags, enabling Code Injection/Arbitrary Shortcode Execution. Impact is desc...

CVE-2026-39712 WordPress tagDiv Composer plugin <= 5.4.3 - Arbitrary Shortcode Execution vulnerability

Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS vulnerability in tagDiv tagDiv Composer td-composer allows Code Injection.This issue affects tagDiv Composer: from n/a through = 5.4.3...

CVE-2026-39637 WordPress Mogi theme <= 1.2.3 - Arbitrary Shortcode Execution vulnerability

Missing Authorization vulnerability in SpabRice Mogi mogi allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Mogi: from n/a through = 1.2.3...

CVE-2026-39637 WordPress Mogi theme <= 1.2.3 - Arbitrary Shortcode Execution vulnerability

Missing Authorization vulnerability in SpabRice Mogi mogi allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Mogi: from n/a through = 1.2.3...

CVE-2026-39637

CVE-2026-39637 is associated with the WordPress Mogi theme (

CVE-2026-39629 WordPress Uminex theme <= 1.0.9 - Arbitrary Shortcode Execution vulnerability

Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS vulnerability in kutethemes Uminex uminex allows Code Injection.This issue affects Uminex: from n/a through = 1.0.9...

CVE-2026-39629 WordPress Uminex theme <= 1.0.9 - Arbitrary Shortcode Execution vulnerability

Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS vulnerability in kutethemes Uminex uminex allows Code Injection.This issue affects Uminex: from n/a through = 1.0.9...

CVE-2026-39629

CVE-2026-39629 affects kutethemes Uminex WordPress theme versions up to and including 1.0.9. The issue is described as Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) that allows Code Injection via shortcode handling, leading to arbitrary shortcode execution. Concret...

CVE-2026-39628 WordPress DukaMarket theme <= 1.3.0 - Arbitrary Shortcode Execution vulnerability

Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS vulnerability in kutethemes DukaMarket dukamarket allows Code Injection.This issue affects DukaMarket: from n/a through = 1.3.0...

CVE-2026-39626 WordPress Armania theme <= 1.4.8 - Arbitrary Shortcode Execution vulnerability

Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS vulnerability in kutethemes Armania armania allows Code Injection.This issue affects Armania: from n/a through = 1.4.8...

CVE-2026-39624 WordPress Biolife theme <= 3.2.3 - Arbitrary Shortcode Execution vulnerability

Missing Authorization vulnerability in kutethemes Biolife biolife allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Biolife: from n/a through = 3.2.3...

CVE-2026-39625 WordPress TechOne theme <= 3.0.3 - Arbitrary Shortcode Execution vulnerability

Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS vulnerability in kutethemes TechOne techone allows Code Injection.This issue affects TechOne: from n/a through = 3.0.3...

CVE-2026-39628 WordPress DukaMarket theme <= 1.3.0 - Arbitrary Shortcode Execution vulnerability

Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS vulnerability in kutethemes DukaMarket dukamarket allows Code Injection.This issue affects DukaMarket: from n/a through = 1.3.0...

CVE-2026-39626 WordPress Armania theme <= 1.4.8 - Arbitrary Shortcode Execution vulnerability

Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS vulnerability in kutethemes Armania armania allows Code Injection.This issue affects Armania: from n/a through = 1.4.8...

CVE-2026-39624 WordPress Biolife theme <= 3.2.3 - Arbitrary Shortcode Execution vulnerability

Missing Authorization vulnerability in kutethemes Biolife biolife allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Biolife: from n/a through = 3.2.3...

CVE-2026-39628

CVE-2026-39628 affects the WordPress DukaMarket theme (kutethemes)

CVE-2026-39624

CVE-2026-39624 affects the WordPress Kutethemes Biolife theme (

CVE-2026-39626

CVE-2026-39626 concerns the WordPress kutethemes Armania theme (

CVE-2026-39625

The CVE refers to WordPress TechOne theme (kutethemes) versions up to and including 3.0.3, describing an improper neutralization of script-related HTML tags in a web page that enables code injection. The linked records also classify the impact as basic XSS and associate it with arbitrary shortcod...