18742 matches found
CVE-2026-32518 WordPress Gaea theme < 3.8 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in imithemes Gaea gaea allows Reflected XSS.This issue affects Gaea: from n/a through 3.8...
CVE-2026-32515 WordPress Miraculous theme < 2.1.2 - Broken Access Control vulnerability
Missing Authorization vulnerability in kamleshyadav Miraculous miraculous allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Miraculous: from n/a through 2.1.2...
CVE-2026-32512
Deserialization of Untrusted Data vulnerability in Edge-Themes Pelicula pelicula-video-production-and-movie-theme allows Object Injection.This issue affects Pelicula: from n/a through 1.10...
CVE-2026-32512 WordPress Pelicula theme < 1.10 - PHP Object Injection vulnerability
Deserialization of Untrusted Data vulnerability in Edge-Themes Pelicula pelicula-video-production-and-movie-theme allows Object Injection.This issue affects Pelicula: from n/a through 1.10...
CVE-2026-32512
CVE-2026-32512 (Pelicula WordPress Theme) is a deserialization of untrusted data vulnerability in the Pelicula theme (Edge-Themes) that enables PHP object injection. Affected software is Pelicula versions older than 1.10. The issue is described as unauthenticated and impacts confidentiality, inte...
CVE-2026-32512 WordPress Pelicula theme < 1.10 - PHP Object Injection vulnerability
Deserialization of Untrusted Data vulnerability in Edge-Themes Pelicula pelicula-video-production-and-movie-theme allows Object Injection.This issue affects Pelicula: from n/a through 1.10...
CVE-2026-32511 WordPress Stål theme < 1.7 - Arbitrary Object Instantiation vulnerability
Deserialization of Untrusted Data vulnerability in Mikado-Themes Stål stal allows Object Injection.This issue affects Stål: from n/a through 1.7...
CVE-2026-32511
CVE-2026-32511 refers to a Deserialization of Untrusted Data vulnerability in Mikado-Themes Stål (WordPress Stål theme) that allows Object Injection. The issue affects Stål versions before 1.7. The root cause is deserializing untrusted data, enabling object instantiation through crafted input. Pu...
CVE-2026-32510 WordPress Kamperen theme < 1.3 - Arbitrary Object Instantiation vulnerability
Deserialization of Untrusted Data vulnerability in Edge-Themes Kamperen kamperen allows Object Injection.This issue affects Kamperen: from n/a through 1.3...
CVE-2026-32508 WordPress Halstein theme < 1.8 - Arbitrary Object Instantiation vulnerability
Deserialization of Untrusted Data vulnerability in Mikado-Themes Halstein halstein allows Object Injection.This issue affects Halstein: from n/a through 1.8...
CVE-2026-32509 WordPress Gracey theme < 1.4 - Arbitrary Object Instantiation vulnerability
Deserialization of Untrusted Data vulnerability in Edge-Themes Gracey gracey allows Object Injection.This issue affects Gracey: from n/a through 1.4...
CVE-2026-32509 WordPress Gracey theme < 1.4 - Arbitrary Object Instantiation vulnerability
Deserialization of Untrusted Data vulnerability in Edge-Themes Gracey gracey allows Object Injection.This issue affects Gracey: from n/a through 1.4...
CVE-2026-32510 WordPress Kamperen theme < 1.3 - Arbitrary Object Instantiation vulnerability
Deserialization of Untrusted Data vulnerability in Edge-Themes Kamperen kamperen allows Object Injection.This issue affects Kamperen: from n/a through 1.3...
CVE-2026-32508
CVE-2026-32508 affects the WordPress Halstein theme prior to v1.8. The vulnerability is due to deserialization of untrusted data, enabling object injection in Halstein before 1.8. Affected software is Mikado-Themes Halstein halstein; impact is described as potential object injection with limited ...
CVE-2026-32509
CVE-2026-32509 is a deserialization of untrusted data vulnerability in the WordPress Gracey theme (
CVE-2026-32510
CVE-2026-32510 affects WordPress Kamperen theme versions prior to 1.3. The issue is a Deserialization of Untrusted Data vulnerability that allows Object Injection, caused by deserializing untrusted data. Impact per metrics is Low confidentiality and integrity impact, no availability impact, with ...
CVE-2026-32507 WordPress Leroux theme < 1.4 - Arbitrary Object Instantiation vulnerability
Deserialization of Untrusted Data vulnerability in Elated-Themes Leroux leroux allows Object Injection.This issue affects Leroux: from n/a through 1.4...
CVE-2026-32507
The CVE-2026-32507 entry documents a Deserialization of Untrusted Data vulnerability in the WordPress Leroux theme (Elated-Themes Leroux), affecting Leroux versions prior to 1.4. The core issue is Object Injection via deserialized untrusted data in Leroux, with reported exposure affecting the the...
CVE-2026-32507 WordPress Leroux theme < 1.4 - Arbitrary Object Instantiation vulnerability
Deserialization of Untrusted Data vulnerability in Elated-Themes Leroux leroux allows Object Injection.This issue affects Leroux: from n/a through 1.4...
CVE-2026-32506 WordPress Archicon theme < 1.7 - Arbitrary Object Instantiation vulnerability
Deserialization of Untrusted Data vulnerability in Edge-Themes Archicon archicon allows Object Injection.This issue affects Archicon: from n/a through 1.7...