CVE-2026-32434 WordPress VW Fitness theme <= 4.3.4 - Broken Access Control vulnerability

Missing Authorization vulnerability in vowelweb VW Fitness vw-fitness allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects VW Fitness: from n/a through = 4.3.4...

CVE-2026-25394 WordPress Fitness FSE theme <= 1.0.6 - Broken Access Control vulnerability

Missing Authorization vulnerability in sparklewpthemes Fitness FSE fitness-fse allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Fitness FSE: from n/a through = 1.0.6...

WordPress Fitness FSE theme <= 1.0.6 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by 0xd4rk5id3 in WordPress Theme Fitness FSE versions = 1.0.6...

CVE-2025-50033 WordPress Fitness Park theme <= 1.1.1 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in sparklewpthemes Fitness Park fitness-park allows DOM-Based XSS.This issue affects Fitness Park: from n/a through = 1.1.1...

WordPress Fitness Park theme <= 1.1.1 - Cross Site Scripting (XSS) Vulnerability

Cross Site Scripting XSS Vulnerability discovered by Peter Thaleikis in WordPress Theme Fitness Park versions = 1.1.1...

WordPress Fitness calculators plugin Plugin <= 2.0.8 is vulnerable to Cross Site Scripting (XSS)

Software Fitness calculators plugin Type Plugin Vulnerable versions = 2.0.8 Fixed in 2.0.9 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-40552 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 4457ca875cf7 Credits Rio Darmawan...