19025 matches found
CVE-2026-32515 WordPress Miraculous theme < 2.1.2 - Broken Access Control vulnerability
Missing Authorization vulnerability in kamleshyadav Miraculous miraculous allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Miraculous: from n/a through 2.1.2...
CVE-2026-32515
CVE-2026-32515 is documented in Wordfence Intelligence as a Missing Authorization vulnerability affecting Miraculous: Multi Vendor Online Music Store Elementor WordPress Theme, versioned < 2.1.2. The Wordfence weekly report also lists related Miraculous entries (e.g., Miraculous Core
CVE-2026-32518
CVE-2026-32518 affects the WordPress Gaea theme (imithemes Gaea) prior to version 3.8. The issue is a Reflected Cross-Site Scripting (XSS) vulnerability caused by improper input neutralization during web page generation. Affected component is the theme code handling user-supplied input; impact is...
CVE-2026-32518 WordPress Gaea theme < 3.8 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in imithemes Gaea gaea allows Reflected XSS.This issue affects Gaea: from n/a through 3.8...
CVE-2026-32515 WordPress Miraculous theme < 2.1.2 - Broken Access Control vulnerability
Missing Authorization vulnerability in kamleshyadav Miraculous miraculous allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Miraculous: from n/a through 2.1.2...
CVE-2026-32512
Deserialization of Untrusted Data vulnerability in Edge-Themes Pelicula pelicula-video-production-and-movie-theme allows Object Injection.This issue affects Pelicula: from n/a through 1.10...
CVE-2026-32511 WordPress Stål theme < 1.7 - Arbitrary Object Instantiation vulnerability
Deserialization of Untrusted Data vulnerability in Mikado-Themes Stål stal allows Object Injection.This issue affects Stål: from n/a through 1.7...
CVE-2026-32512
CVE-2026-32512 (Pelicula WordPress Theme) is a deserialization of untrusted data vulnerability in the Pelicula theme (Edge-Themes) that enables PHP object injection. Affected software is Pelicula versions older than 1.10. The issue is described as unauthenticated and impacts confidentiality, inte...
CVE-2026-32511
CVE-2026-32511 refers to a Deserialization of Untrusted Data vulnerability in Mikado-Themes Stål (WordPress Stål theme) that allows Object Injection. The issue affects Stål versions before 1.7. The root cause is deserializing untrusted data, enabling object instantiation through crafted input. Pu...
CVE-2026-32512 WordPress Pelicula theme < 1.10 - PHP Object Injection vulnerability
Deserialization of Untrusted Data vulnerability in Edge-Themes Pelicula pelicula-video-production-and-movie-theme allows Object Injection.This issue affects Pelicula: from n/a through 1.10...
CVE-2026-32512 WordPress Pelicula theme < 1.10 - PHP Object Injection vulnerability
Deserialization of Untrusted Data vulnerability in Edge-Themes Pelicula pelicula-video-production-and-movie-theme allows Object Injection.This issue affects Pelicula: from n/a through 1.10...
CVE-2026-32509 WordPress Gracey theme < 1.4 - Arbitrary Object Instantiation vulnerability
Deserialization of Untrusted Data vulnerability in Edge-Themes Gracey gracey allows Object Injection.This issue affects Gracey: from n/a through 1.4...
CVE-2026-32510 WordPress Kamperen theme < 1.3 - Arbitrary Object Instantiation vulnerability
Deserialization of Untrusted Data vulnerability in Edge-Themes Kamperen kamperen allows Object Injection.This issue affects Kamperen: from n/a through 1.3...
CVE-2026-32510
CVE-2026-32510 affects WordPress Kamperen theme versions prior to 1.3. The issue is a Deserialization of Untrusted Data vulnerability that allows Object Injection, caused by deserializing untrusted data. Impact per metrics is Low confidentiality and integrity impact, no availability impact, with ...
CVE-2026-32508 WordPress Halstein theme < 1.8 - Arbitrary Object Instantiation vulnerability
Deserialization of Untrusted Data vulnerability in Mikado-Themes Halstein halstein allows Object Injection.This issue affects Halstein: from n/a through 1.8...
CVE-2026-32509 WordPress Gracey theme < 1.4 - Arbitrary Object Instantiation vulnerability
Deserialization of Untrusted Data vulnerability in Edge-Themes Gracey gracey allows Object Injection.This issue affects Gracey: from n/a through 1.4...
CVE-2026-32509
CVE-2026-32509 is a deserialization of untrusted data vulnerability in the WordPress Gracey theme (
CVE-2026-32508
CVE-2026-32508 affects the WordPress Halstein theme prior to v1.8. The vulnerability is due to deserialization of untrusted data, enabling object injection in Halstein before 1.8. Affected software is Mikado-Themes Halstein halstein; impact is described as potential object injection with limited ...
CVE-2026-32510 WordPress Kamperen theme < 1.3 - Arbitrary Object Instantiation vulnerability
Deserialization of Untrusted Data vulnerability in Edge-Themes Kamperen kamperen allows Object Injection.This issue affects Kamperen: from n/a through 1.3...
CVE-2026-32507 WordPress Leroux theme < 1.4 - Arbitrary Object Instantiation vulnerability
Deserialization of Untrusted Data vulnerability in Elated-Themes Leroux leroux allows Object Injection.This issue affects Leroux: from n/a through 1.4...