Soledad Security Vulnerabilities and Issues — Soledad CVE List

Lucene search

PencidesignSoledad

3 matches found

CVE•added 2025/08/16 12:15 p.m.•6 views

CVE-2025-8105

The The Soledad theme for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 8.6.7. This is due to the software allowing users to execute an action that does not properly validate a value before running do_shortcode. This makes it possible for unauthentic...

7.3CVSS7.3AI score0.00191EPSS

CVE•added 2025/08/16 12:15 p.m.•6 views

CVE-2025-8142

The Soledad theme for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 8.6.7 via the 'header_layout' parameter. This makes it possible for authenticated attackers, with Contributor-level access and above, to include and execute arbitrary .php files on the server...

8.8CVSS7.3AI score0.00083EPSS

CVE•added 2025/08/16 12:15 p.m.•4 views

CVE-2025-8143

The Soledad theme for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘pcsml_smartlists_h’ parameter in all versions up to, and including, 8.6.7 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level acce...

6.4CVSS5.6AI score0.00032EPSS