368676 matches found
CVE-2026-27436
The CVE covers WordPress plugin Five Star Business Profile and Schema (versions
CVE-2026-27430
CVE-2026-27430 affects the WordPress TheFox theme (
CVE-2026-27433
The CVE concerns the WordPress Motors theme (
CVE-2026-27426
CVE-2026-27426 affects the WordPress Automotive Car Dealership Business theme
CVE-2026-27425
CVE-2026-27425 details (normal mode): Unauthenticated, reflected Cross-Site Scripting (XSS) vulnerability affecting WordPress Automotive Listings plugin, versions up to and including 18.6. The issue is due to a reflected XSS flaw in the plugin’s input handling, allowing an attacker to craft a mal...
CVE-2026-27419
CVE-2026-27419 affects WordPress Zegen theme versions
CVE-2026-27414
CVE-2026-27414 details (provided): WordPress Werkstatt theme
CVE-2026-27412
Affected software: WordPress Pearl – Corporate Business theme (versions <= 3.4.10). Vulnerability: Local File Inclusion (LFI) that is unauthenticated. Root cause/tech details: Unauthenticated LFI present in Pearl – Corporate Business
CVE-2026-27408
CVE-2026-27408 affects WordPress NativeChurch theme versions
CVE-2026-27404
CVE-2026-27404 concerns WordPress LMS theme <= 9.7 with a reflected Cross Site Scripting (XSS) vulnerability. The issue is described as unauthenticated XSS in LMS <= 9.7 versions. CVSS v3.1 base score is 7.1 (HIGH) with vector CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L; attack vector: NET...
CVE-2026-27402
CVE-2026-27402 refers to an unauthenticated Cross Site Scripting (XSS) vulnerability in the WordPress theme set for Kids Life | Children School, affected in versions
CVE-2026-27060
CVE-2026-27060 details (connected documents) : A PHP Object Injection vulnerability affects the WordPress ARMember Premium plugin (<= 7.0). The root cause is PHP Object Injection in ARMember Premium
CVE-2025-69156
CVE-2025-69156 details unauthenticated Cross Site Scripting in the WordPress Kids Zone – Children WordPress Theme, affected Versions
CVE-2025-69155
CVE-2025-69155 affects the Fitness Zone WordPress Theme up to version 5.7. It is described as an unauthenticated Cross Site Scripting (XSS) vulnerability in the theme, with CVSS v3.1 base score 7.1 (HIGH). Attack vector: NETWORK; Attack complexity: LOW; Privileges required: NONE; User interaction...
CVE-2025-69154
CVE-2025-69154 affects the SpaLab | Beauty Salon WordPress Theme up to version 6.7. It is an unauthenticated Cross-Site Scripting (XSS) vulnerability in the theme. The CVSS v3.1 base score is 7.1 (HIGH) with network attack, no privileges required, user interaction required, and low impacts to con...
CVE-2025-69153
Mode C: CVE-2025-69153 affects the WordPress Trendy Travel theme (≤ 6.7). The issue is an unauthenticated reflected XSS in the Trendy Travel theme, enabling injection of script via user interaction. Impact is listed as low for confidentiality, integrity, and availability, with a CVSS ~7.1 (NETWOR...
CVE-2025-69152
CVE-2025-69152 affects the Artale | Wedding Photography WordPress theme (versions
CVE-2025-69134
CVE-2025-69134: WordPress OpenAI Chatbot for WordPress – Helper plugin
CVE-2025-69133
CVE-2025-69133 affects the WordPress Tourmaster plugin versions
CVE-2025-69132
Technical details about CVE-2025-69132 are not publicly available in the provided documents. Please monitor sources for updates regarding affected product versions, root cause, impact, and remediation.