Recent Advisories

Severity ID Title Vendor Product Date Type
HIGH 7.1 CVE-2025-69156

WordPress Kids Zone – Children WordPress Theme theme <= 5.4 - Cross Site Scripting (XSS) vulnerability_CVE-2025-69156

Unauthenticated Cross Site Scripting (XSS) in Kids Zone - Children WordPress Theme

Design themes Kids Zone - Children WordPress Theme n/a CVE
HIGH 7.1 CVE-2025-69155

WordPress Fitness Zone WordPress Theme theme <= 5.7 - Cross Site Scripting (XSS) vulnerability_CVE-2025-69155

Unauthenticated Cross Site Scripting (XSS) in Fitness Zone WordPress Theme

Designthemes Fitness Zone WordPress Theme n/a CVE
HIGH 7.1 CVE-2025-69154

WordPress SpaLab | Beauty Salon WordPress Theme theme <= 6.7 - Cross Site Scripting (XSS) vulnerability_CVE-2025-69154

Unauthenticated Cross Site Scripting (XSS) in SpaLab | Beauty Salon WordPress Theme

designthemes SpaLab | Beauty Salon WordPress Theme n/a CVE
HIGH 7.1 CVE-2025-69153

WordPress Trendy Travel theme <= 6.7 - Reflected Cross Site Scripting (XSS) vulnerability_CVE-2025-69153

Unauthenticated Cross Site Scripting (XSS) in Trendy Travel

designthemes Trendy Travel n/a CVE
HIGH 7.1 CVE-2025-69152

WordPress Artale | Wedding Photography WordPress theme <= 2.2.2 - Cross Site Scripting (XSS) vulnerability_CVE-2025-69152

Unauthenticated Cross Site Scripting (XSS) in Artale | Wedding Photography WordPress

ThemeGoods Artale | Wedding Photography WordPress n/a CVE
HIGH 7.5 CVE-2025-69134

WordPress OpenAI Chatbot for WordPress – Helper plugin <= 1.1.4 - Arbitrary Content Deletion vulnerability_CVE-2025-69134

Unauthenticated Arbitrary Content Deletion in OpenAI Chatbot for WordPress – Helper

Merkulove OpenAI Chatbot for WordPress – Helper n/a CVE
HIGH 7.5 CVE-2025-69133

WordPress Tourmaster plugin <= 5.4.5 - Local File Inclusion vulnerability_CVE-2025-69133

Subscriber Local File Inclusion in Tourmaster

GoodLayers Tourmaster n/a CVE
HIGH 8.5 CVE-2025-69094

WordPress Unicamp theme <= 2.2.2 - SQL Injection vulnerability_CVE-2025-69094

Subscriber SQL Injection in Unicamp

ThemeMove Unicamp n/a CVE
HIGH 8.1 CVE-2025-58902

WordPress Lighthouse theme <= 1.2.12 - Local File Inclusion vulnerability_CVE-2025-58902

Unauthenticated Local File Inclusion in Lighthouse

AncoraThemes Lighthouse n/a CVE
HIGH 7.5 CVE-2026-9563

CVE-2026-9563_CVE-2026-9563

In Eclipse Parsson published Maven Central artifacts before version 1.1.8, the JSON parser did not enforce a default maximum on the number of chara...

Eclipse Foundation Eclipse Parsson 1.0.0 CVE