2135 matches found
WordPress VW Portfolio theme <= 1.3.3 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Nabil Irawan in WordPress Theme VW Portfolio versions = 1.3.3...
WordPress The Qlean theme <= 2.12 - Local File Inclusion vulnerability
Local File Inclusion vulnerability discovered by Bonds in WordPress Theme The Qlean versions = 2.12...
WordPress Luxury Wine theme <= 1.1.14 - Local File Inclusion vulnerability
Local File Inclusion vulnerability discovered by Bonds in WordPress Theme Luxury Wine versions = 1.1.14...
WordPress Global Logistics theme <= 3.20 - Local File Inclusion vulnerability
Local File Inclusion vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Global Logistics versions = 3.20...
WordPress Nuts theme <= 1.10 - Local File Inclusion vulnerability
Local File Inclusion vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Nuts versions = 1.10...
CVE-2025-14040
The Automotive Car Dealership Business WordPress Theme for WordPress is vulnerable to Stored Cross-Site Scripting via the 'Call to Action' custom fields in all versions up to, and including, 13.4. This is due to insufficient input sanitization and output escaping on user-supplied attributes in th...
WordPress M.Williamson theme <= 1.2.11 - Local File Inclusion vulnerability
Local File Inclusion vulnerability discovered by Bonds in WordPress Theme M.Williamson versions = 1.2.11...
WordPress S.King theme <= 1.5.3 - Local File Inclusion vulnerability
Local File Inclusion vulnerability discovered by Bonds in WordPress Theme S.King versions = 1.5.3...
WordPress Happy Baby theme <= 1.2.12 - Local File Inclusion vulnerability
Local File Inclusion vulnerability discovered by Bonds in WordPress Theme Happy Baby versions = 1.2.12...
CVE-2025-14040
The Automotive Car Dealership Business WordPress Theme for WordPress is vulnerable to Stored Cross-Site Scripting via the 'Call to Action' custom fields in all versions up to, and including, 13.4. This is due to insufficient input sanitization and output escaping on user-supplied attributes in th...
CVE-2025-14040 Automotive Car Dealership Business WordPress Theme <= 13.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via Call to Action Fields
The Automotive Car Dealership Business WordPress Theme for WordPress is vulnerable to Stored Cross-Site Scripting via the 'Call to Action' custom fields in all versions up to, and including, 13.4. This is due to insufficient input sanitization and output escaping on user-supplied attributes in th...
CVE-2025-14040
The Automotive Car Dealership Business WordPress Theme for WordPress is vulnerable to Stored Cross-Site Scripting via the 'Call to Action' custom fields in all versions up to, and including, 13.4. This is due to insufficient input sanitization and output escaping on user-supplied attributes in th...
CVE-2025-14040 Automotive Car Dealership Business WordPress Theme <= 13.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via Call to Action Fields
The Automotive Car Dealership Business WordPress Theme for WordPress is vulnerable to Stored Cross-Site Scripting via the 'Call to Action' custom fields in all versions up to, and including, 13.4. This is due to insufficient input sanitization and output escaping on user-supplied attributes in th...
CVE-2025-14040
CVE-2025-14040 : The Automotive Car Dealership WordPress Theme (WordPress theme) is vulnerable to a stored XSS via the action_text, action_button_text, action_link, and action_class fields in the Call to Action across all versions up to 13.4. Exploitation requires contributor-level authentication...
Exploit for CVE-2025-39459
CVE-2025-39459 Real Estate 7 = 3.5.2 - Unauthenticated Pri...
WordPress MediCenter - Health Medical Clinic WordPress Theme theme <= 14.9 - Reflected Cross Site Scripting (XSS) vulnerability
WordPress MediCenter - Health Medical Clinic WordPress Theme theme = 14.9 - Reflected Cross Site Scripting XSS vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme MediCenter - Health Medical Clinic versions = 14.9...
WordPress Consultor | Consulting, Accounting & Legal Counsel WordPress Theme theme <= 1.2.4 - Local File Inclusion vulnerability
Local File Inclusion vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Consultor | Consulting, Accounting & Legal Counsel WordPress Theme versions = 1.2.4...
WordPress TopScorer - Sports WordPress Theme theme <= 1.2 - Local File Inclusion vulnerability
WordPress TopScorer - Sports WordPress Theme theme = 1.2 - Local File Inclusion vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme TopScorer - Sports WordPress Theme versions = 1.2...
Exploit for CVE-2025-69295
CVE-2025-69295 — TeconceTheme Coven Core Blind SQL Injection Vul...
CVE-2025-69368
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in GT3themes SOHO - Photography WordPress Theme soho allows DOM-Based XSS.This issue affects SOHO - Photography WordPress Theme: from n/a through = 3.0.3...