18742 matches found
CVE-2026-39641 WordPress Blackfyre theme <= 2.5.4 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery CSRF vulnerability in Skywarrior Blackfyre blackfyre allows Cross Site Request Forgery.This issue affects Blackfyre: from n/a through = 2.5.4...
CVE-2026-39641
The CVE-2026-39641 entry concerns a Cross-Site Request Forgery (CSRF) vulnerability affecting Skywarrior Blackfyre (WordPress) theme blackfyre up to version 2.5.4. Public descriptions across NVD, Red Hat, EUVD, CVE records, and related feeds consistently state that this CSRF issue affects Blackfy...
CVE-2026-39640
Cross-Site Request Forgery CSRF vulnerability in mndpsingh287 Theme Editor theme-editor allows Code Injection.This issue affects Theme Editor: from n/a through = 3.2...
CVE-2026-39640
CVE-2026-39640 is a high-severity CSRF vulnerability in the WordPress Theme Editor plugin (Theme Editor) affecting versions from unspecified up to and including 3.2. The issue allows code injection/remote code execution and is rated critical (CVSS 3.1: 9.6; network attack vector, low complexity, ...
CVE-2026-39640 WordPress Theme Editor plugin <= 3.2 - Cross Site Request Forgery (CSRF) to Remote Code Execution vulnerability
Cross-Site Request Forgery CSRF vulnerability in mndpsingh287 Theme Editor theme-editor allows Code Injection.This issue affects Theme Editor: from n/a through = 3.2...
CVE-2026-39640 WordPress Theme Editor plugin <= 3.2 - Cross Site Request Forgery (CSRF) to Remote Code Execution vulnerability
Cross-Site Request Forgery CSRF vulnerability in mndpsingh287 Theme Editor theme-editor allows Code Injection.This issue affects Theme Editor: from n/a through = 3.2...
CVE-2026-39637
CVE-2026-39637 is associated with the WordPress Mogi theme (
CVE-2026-39637 WordPress Mogi theme <= 1.2.3 - Arbitrary Shortcode Execution vulnerability
Missing Authorization vulnerability in SpabRice Mogi mogi allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Mogi: from n/a through = 1.2.3...
CVE-2026-39637 WordPress Mogi theme <= 1.2.3 - Arbitrary Shortcode Execution vulnerability
Missing Authorization vulnerability in SpabRice Mogi mogi allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Mogi: from n/a through = 1.2.3...
CVE-2026-39634
CVE-2026-39634 : CSRF in the ThemeGoods Grand Portfolio (WordPress theme, grandportfolio) affects versions up to 3.3. The connected docs confirm a CSRF issue but do not provide the explicit root cause details, exploit scenarios, or a remediation path. The CVSS v3.1 base score is 5.4 (Medium). No ...
CVE-2026-39633 WordPress Grand Car Rental theme <= 3.6.9 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery CSRF vulnerability in ThemeGoods Grand Car Rental grandcarrental allows Cross Site Request Forgery.This issue affects Grand Car Rental: from n/a through = 3.6.9...
CVE-2026-39634 WordPress Grand Portfolio theme <= 3.3 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery CSRF vulnerability in ThemeGoods Grand Portfolio grandportfolio allows Cross Site Request Forgery.This issue affects Grand Portfolio: from n/a through = 3.3...
CVE-2026-39634 WordPress Grand Portfolio theme <= 3.3 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery CSRF vulnerability in ThemeGoods Grand Portfolio grandportfolio allows Cross Site Request Forgery.This issue affects Grand Portfolio: from n/a through = 3.3...
CVE-2026-39635 WordPress Grand Magazine theme <= 3.5.5 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery CSRF vulnerability in ThemeGoods Grand Magazine grandmagazine allows Cross Site Request Forgery.This issue affects Grand Magazine: from n/a through = 3.5.5...
CVE-2026-39635 WordPress Grand Magazine theme <= 3.5.5 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery CSRF vulnerability in ThemeGoods Grand Magazine grandmagazine allows Cross Site Request Forgery.This issue affects Grand Magazine: from n/a through = 3.5.5...
CVE-2026-39634
Cross-Site Request Forgery CSRF vulnerability in ThemeGoods Grand Portfolio grandportfolio allows Cross Site Request Forgery.This issue affects Grand Portfolio: from n/a through = 3.3...
CVE-2026-39633
The CVE-2026-39633 entry concerns a Cross-Site Request Forgery (CSRF) vulnerability in the WordPress ThemeGoods Grand Car Rental theme (grandcarrental) up to version 3.6.9. Public descriptions across NVD, Red Hat, CVE List, ENISA EUVD, and other feeds consistently indicate CSRF as the issue and i...
CVE-2026-39632
The CVE-2026-39632 entry concerns the WordPress ThemeGoods Grand Blog (grandblog) theme, affected versions up to 3.1. The vulnerability is a Cross-Site Request Forgery (CSRF) in Grand Blog that allows unauthorized actions initiated by forged requests. The connected Red Hat and EU/NVD records conf...
CVE-2026-39629 WordPress Uminex theme <= 1.0.9 - Arbitrary Shortcode Execution vulnerability
Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS vulnerability in kutethemes Uminex uminex allows Code Injection.This issue affects Uminex: from n/a through = 1.0.9...
CVE-2026-39629
CVE-2026-39629 affects kutethemes Uminex WordPress theme versions up to and including 1.0.9. The issue is described as Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) that allows Code Injection via shortcode handling, leading to arbitrary shortcode execution. Concret...