18993 matches found
[SECURITY] Fedora 44 Update: grub2-breeze-theme-6.6.4-1.fc44
Breeze theme for GRUB...
[SECURITY] Fedora 44 Update: breeze-gtk-6.6.4-1.fc44
Breeze widget theme for GTK...
[SECURITY] Fedora 44 Update: aurorae-6.6.4-1.fc44
Aurorae is a themeable window decoration for KWin. It supports theme files consisting of several SVG files for decoration and buttons. Themes can be installed and selected directly in the configuration module of KWin decorations. Please have a look at theme-description on how to write a theme fil...
WordPress LuxeDrive theme <= 1.4 - PHP Object Injection vulnerability
PHP Object Injection vulnerability discovered by Denver Jackson in WordPress Theme LuxeDrive versions = 1.4...
WordPress Eldon theme <= 1.4.1 - PHP Object Injection vulnerability
PHP Object Injection vulnerability discovered by Denver Jackson in WordPress Theme Eldon versions = 1.4.1...
WordPress Laurits theme <= 1.5.1 - PHP Object Injection vulnerability
PHP Object Injection vulnerability discovered by Denver Jackson in WordPress Theme Laurits versions = 1.5.1...
WordPress Reina theme <= 2.1 - PHP Object Injection vulnerability
PHP Object Injection vulnerability discovered by Denver Jackson in WordPress Theme Reina versions = 2.1...
WordPress ShiftUp theme <= 1.3 - PHP Object Injection vulnerability
PHP Object Injection vulnerability discovered by Denver Jackson in WordPress Theme ShiftUp versions = 1.3...
WordPress MagOne theme <= 9.0 - Reflected Cross Site Scripting (XSS) vulnerability
Reflected Cross Site Scripting XSS vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Theme MagOne versions = 9.0...
WordPress ChapterOne theme <= 1.7 - Local File Inclusion vulnerability
Local File Inclusion vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Theme ChapterOne versions = 1.7...
EUVD-2026-23172
The Vantage theme for WordPress is vulnerable to Stored Cross-Site Scripting via Gallery block text content in versions up to, and including, 1.20.32 due to insufficient output escaping in the gallery template. This makes it possible for authenticated attackers, with contributor-level access and...
CVE-2026-5070
The Vantage theme for WordPress is vulnerable to Stored Cross-Site Scripting via Gallery block text content in versions up to, and including, 1.20.32 due to insufficient output escaping in the gallery template. This makes it possible for authenticated attackers, with contributor-level access and...
CVE-2026-5070 Vantage <= 1.20.32 - Authenticated (Contributor+) Stored Cross-Site Scripting via Gallery Block Text Content
The Vantage theme for WordPress is vulnerable to Stored Cross-Site Scripting via Gallery block text content in versions up to, and including, 1.20.32 due to insufficient output escaping in the gallery template. This makes it possible for authenticated attackers, with contributor-level access and...
CVE-2026-5070
The CVE-2026-5070 vector affects the WordPress Vantage theme (versions up to and including 1.20.32). The issue is a Stored Cross-Site Scripting vulnerability in the Gallery block text content caused by insufficient output escaping in the gallery template. Exploitation requires authenticated acces...
CVE-2026-5070 Vantage <= 1.20.32 - Authenticated (Contributor+) Stored Cross-Site Scripting via Gallery Block Text Content
The Vantage theme for WordPress is vulnerable to Stored Cross-Site Scripting via Gallery block text content in versions up to, and including, 1.20.32 due to insufficient output escaping in the gallery template. This makes it possible for authenticated attackers, with contributor-level access and...
CVE-2026-5070
The Vantage theme for WordPress is vulnerable to Stored Cross-Site Scripting via Gallery block text content in versions up to, and including, 1.20.32 due to insufficient output escaping in the gallery template. This makes it possible for authenticated attackers, with contributor-level access and...
PT-2026-33254
The Vantage theme for WordPress is vulnerable to Stored Cross-Site Scripting via Gallery block text content in versions up to, and including, 1.20.32 due to insufficient output escaping in the gallery template. This makes it possible for authenticated attackers, with contributor-level access and...
CVE-2026-40737
Authorization Bypass Through User-Controlled Key vulnerability in VillaTheme COMPE compe-woo-compare-products allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects COMPE: from n/a through = 1.1.4...
CVE-2026-40737
Authorization Bypass Through User-Controlled Key vulnerability in VillaTheme COMPE compe-woo-compare-products allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects COMPE: from n/a through = 1.1.4...
CVE-2026-1555
The WebStack theme for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the ioimgupload function in all versions up to, and including, 1.2024. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site's server which...