WordPress Kids Gift Shop theme <= 0.5.4 - Arbitrary File Upload vulnerability

Arbitrary File Upload vulnerability discovered by Denver Jackson in WordPress Theme Kids Gift Shop versions = 0.5.4...

WordPress Ecommerce Zone theme <= 0.9.7 - Arbitrary File Upload vulnerability

Arbitrary File Upload vulnerability discovered by Denver Jackson in WordPress Theme Ecommerce Zone versions = 0.9.7...

WordPress Restaurant Zone theme <= 0.7.8 - Arbitrary File Upload vulnerability

Arbitrary File Upload vulnerability discovered by Denver Jackson in WordPress Theme Restaurant Zone versions = 0.7.8...

WordPress Webenvo theme <= 0.0.6 - Arbitrary File Upload vulnerability

Arbitrary File Upload vulnerability discovered by Denver Jackson in WordPress Theme Webenvo versions = 0.0.6...

WordPress Atomlab theme <= 2.4.5 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Theme Atomlab versions = 2.4.5...

[SECURITY] Fedora 44 Update: plymouth-theme-breeze-6.6.4-1.fc44

Breeze theme for Plymouth...

[SECURITY] Fedora 44 Update: plasma-integration-6.6.4-1.fc44

Qt Platform Theme integration plugin for Plasma...

[SECURITY] Fedora 44 Update: oxygen-sounds-6.6.4-1.fc44

The Oxygen Sound Theme...

[SECURITY] Fedora 44 Update: ocean-sound-theme-6.6.4-1.fc44

Ocean Sound Theme for Plasma...

[SECURITY] Fedora 44 Update: grub2-breeze-theme-6.6.4-1.fc44

Breeze theme for GRUB...

[SECURITY] Fedora 44 Update: breeze-gtk-6.6.4-1.fc44

Breeze widget theme for GTK...

[SECURITY] Fedora 44 Update: aurorae-6.6.4-1.fc44

Aurorae is a themeable window decoration for KWin. It supports theme files consisting of several SVG files for decoration and buttons. Themes can be installed and selected directly in the configuration module of KWin decorations. Please have a look at theme-description on how to write a theme fil...

WordPress LuxeDrive theme <= 1.4 - PHP Object Injection vulnerability

PHP Object Injection vulnerability discovered by Denver Jackson in WordPress Theme LuxeDrive versions = 1.4...

WordPress Eldon theme <= 1.4.1 - PHP Object Injection vulnerability

PHP Object Injection vulnerability discovered by Denver Jackson in WordPress Theme Eldon versions = 1.4.1...

WordPress Laurits theme <= 1.5.1 - PHP Object Injection vulnerability

PHP Object Injection vulnerability discovered by Denver Jackson in WordPress Theme Laurits versions = 1.5.1...

WordPress Reina theme <= 2.1 - PHP Object Injection vulnerability

PHP Object Injection vulnerability discovered by Denver Jackson in WordPress Theme Reina versions = 2.1...

WordPress ShiftUp theme <= 1.3 - PHP Object Injection vulnerability

PHP Object Injection vulnerability discovered by Denver Jackson in WordPress Theme ShiftUp versions = 1.3...

WordPress MagOne theme <= 9.0 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Theme MagOne versions = 9.0...

WordPress ChapterOne theme <= 1.7 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Theme ChapterOne versions = 1.7...

EUVD-2026-23172

The Vantage theme for WordPress is vulnerable to Stored Cross-Site Scripting via Gallery block text content in versions up to, and including, 1.20.32 due to insufficient output escaping in the gallery template. This makes it possible for authenticated attackers, with contributor-level access and...