Lucene search
+L

5 matches found

CVE
CVE
added 2026/04/08 8:30 a.m.8 views

CVE-2026-39640

CVE-2026-39640 is a high-severity CSRF vulnerability in the WordPress Theme Editor plugin (Theme Editor) affecting versions from unspecified up to and including 3.2. The issue allows code injection/remote code execution and is rated critical (CVSS 3.1: 9.6; network attack vector, low complexity, ...

9.6CVSS5.9AI score0.00143EPSS
Exploits0References1
NVD
NVD
added 2026/02/18 8:18 p.m.12 views

CVE-2026-2661

A security flaw has been discovered in Squirrel up to 3.2. This affects the function SQObjectPtr::operator in the library squirrel/sqobject.h. The manipulation results in heap-based buffer overflow. The attack needs to be approached locally. The exploit has been released to the public and may be...

7.8CVSS0.00235EPSS
Exploits2References5
Patchstack
Patchstack
added 2026/01/13 7:32 a.m.8 views

WordPress Kids Heaven theme <= 3.2 - PHP Object Injection vulnerability

PHP Object Injection vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Kids Heaven versions = 3.2...

8.8CVSS7.3AI score0.00503EPSS
Exploits0Affected Software1
CVE
CVE
added 2024/12/09 11:32 a.m.58 views

CVE-2024-54226

CVE-2024-54226 describes a CSRF to Stored XSS in the WordPress plugin Country Blocker (affected versions: up to 3.2, vendor: Karl Kiesinger). The entry indicates a high-severity issue (CVSS v3.1 base score 7.1) with potential stored cross-site script execution, and in the Wordfence context the vu...

7.1CVSS7.2AI score0.00188EPSS
Exploits0References1
Patchstack
Patchstack
added 2024/06/06 9:57 a.m.3 views

WordPress GDPR/CCPA Cookie Consent Banner plugin <= 3.2 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Mika Patchstack Alliance in WordPress Plugin Cookie Consent versions = 3.2...

7.3CVSS7AI score0.00278EPSS
Exploits0Affected Software1
Rows per page
Query Builder