WordPress Kalium plugin <= 3.29 - Missing Authorization to Unauthenticated Mail Relay via kalium_vc_contact_form_request vulnerability

Missing Authorization to Unauthenticated Mail Relay via kaliumvccontactformrequest vulnerability discovered by Ahmed Rayen Ayari in WordPress Theme Kalium versions = 3.29...

CVE-2025-53349

CVE-2025-53349 concerns the WordPress Kalium Theme (

CVE-2025-53349 WordPress Kalium Theme <= 3.18.3 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Laborator Kalium kalium allows Reflected XSS.This issue affects Kalium: from n/a through = 3.18.3...

CVE-2025-49926

CVE-2025-49926 concerns the WordPress Kalium theme (Kalium) up to version 3.25. Risk arises from an improper generation of code, i.e., a code injection vulnerability that can lead to arbitrary code execution. Affected component: Laborator Kalium kalium (WordPress theme/plugin variant) with versio...

CVE-2025-53348 WordPress Kalium Theme <= 3.18.3 - Broken Access Control Vulnerability

Missing Authorization vulnerability in Laborator Kalium kalium allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Kalium: from n/a through = 3.18.3...

CVE-2025-53348 WordPress Kalium Theme <= 3.18.3 - Broken Access Control Vulnerability

Missing Authorization vulnerability in Laborator Kalium kalium allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Kalium: from n/a through = 3.18.3...

WordPress Kalium Theme <= 3.18.3 - Broken Access Control Vulnerability

Broken Access Control Vulnerability discovered by Ananda Dhakal Patchstack in WordPress Theme Kalium versions = 3.18.3...

WordPress Kalium Theme <= 3.18.3 is vulnerable to Broken Access Control

Software Kalium Type Theme Vulnerable versions = 3.18.3 Fixed in N/A OWASP Top 10 A4: Insecure Design Classification Broken Access Control CVE CVE-2025-53348 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID f2f57429b255 Credits Ananda Dhakal Patchstack Required privilege...

CVE-2025-53347 WordPress Kalium Theme <= 3.18.3 - Cross Site Request Forgery (CSRF) Vulnerability

Cross-Site Request Forgery CSRF vulnerability in Laborator Kalium kalium allows Cross Site Request Forgery.This issue affects Kalium: from n/a through = 3.18.3...

CVE-2025-53347 WordPress Kalium Theme <= 3.18.3 - Cross Site Request Forgery (CSRF) Vulnerability

Cross-Site Request Forgery CSRF vulnerability in Laborator Kalium kalium allows Cross Site Request Forgery.This issue affects Kalium: from n/a through = 3.18.3...

WordPress Kalium theme <= 3.25 - Arbitrary Code Execution vulnerability

Arbitrary Code Execution vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Kalium versions = 3.25...