CVE-2025-59588

CVE-2025-59588 describes an authenticated Local File Inclusion in the Soledad WordPress theme (Soledad

CVE-2025-59589 WordPress Soledad Theme <= 8.6.8 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in PenciDesign Soledad soledad allows DOM-Based XSS.This issue affects Soledad: from n/a through = 8.6.8...

WordPress Soledad Theme <= 8.6.7 is vulnerable to Cross Site Scripting (XSS)

Software Soledad Type Theme Vulnerable versions = 8.6.7 Fixed in 8.6.8 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2025-8143 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 2b64551fa293 Credits stealthcopter Required privilege...

CVE-2024-31369 WordPress Soledad theme <= 8.4.2 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in PenciDesign Soledad.This issue affects Soledad: from n/a through 8.4.2...

WordPress Soledad Theme <= 8.4.5 is vulnerable to Cross Site Request Forgery (CSRF)

Software Soledad Type Theme Vulnerable versions = 8.4.5 Fixed in 8.4.6 OWASP Top 10 A1: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-31369 Patch priority Low CVSS severity Low 5.4 Developer Claim ownership PSID ccaa49033795 Credits Rafie Muhammad Patchstack...

WordPress Soledad Theme <= 8.4.5 is vulnerable to Broken Access Control

Software Soledad Type Theme Vulnerable versions = 8.4.5 Fixed in 8.4.6 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-31367 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID e4cc84a70d34 Credits Rafie Muhammad Patchstack Required...

CVE-2023-49826 WordPress Soledad Theme <= 8.4.1 is vulnerable to PHP Object Injection

Deserialization of Untrusted Data vulnerability in PenciDesign Soledad – Multipurpose, Newspaper, Blog & WooCommerce WordPress Theme.This issue affects Soledad – Multipurpose, Newspaper, Blog & WooCommerce WordPress Theme: from n/a through 8.4.1...

WordPress Soledad Theme <= 8.4.1 is vulnerable to SQL Injection

Software Soledad Type Theme Vulnerable versions = 8.4.1 Fixed in 8.4.2 OWASP Top 10 A3: Injection Classification SQL Injection CVE CVE-2023-49825 Patch priority Medium CVSS severity Medium 8.5 Developer Claim ownership PSID a78a84399460 Credits Rafie Muhammad Patchstack Required privilege...

WordPress Soledad Theme <= 8.4.1 is vulnerable to Cross Site Scripting (XSS)

Software Soledad Type Theme Vulnerable versions = 8.4.1 Fixed in 8.4.2 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-49827 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 4415c6f5a085 Credits Rafie Muhammad Patchstack Required...

WordPress theme Soledad premium 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...