Recent Advisories

Severity ID Title Vendor Product Date Type
HIGH 8.1 CVE-2026-39580

WordPress Micdrop theme <= 1.3.1 - PHP Object Injection vulnerability_CVE-2026-39580

Unauthenticated PHP Object Injection in Micdrop

Select-Themes Micdrop n/a CVE
HIGH 8.1 CVE-2026-39578

WordPress Valiance theme <= 1.2 - PHP Object Injection vulnerability_CVE-2026-39578

Unauthenticated PHP Object Injection in Valiance

Elated-Themes Valiance n/a CVE
HIGH 8.1 CVE-2026-39577

WordPress Playroom theme <= 1.4.1 - PHP Object Injection vulnerability_CVE-2026-39577

Unauthenticated PHP Object Injection in Playroom

Elated-Themes Playroom n/a CVE
HIGH 8.1 CVE-2026-39568

WordPress Mr. SEO theme <= 2.0 - Local File Inclusion vulnerability_CVE-2026-39568

Unauthenticated Local File Inclusion in Mr. SEO

Elated-Themes Mr. SEO n/a CVE
HIGH 8.1 CVE-2026-39567

WordPress Santé theme <= 1.5.1 - PHP Object Injection vulnerability_CVE-2026-39567

Unauthenticated PHP Object Injection in Santé

Select-Themes Santé n/a CVE
HIGH 8.1 CVE-2026-39557

WordPress NeoBeat theme <= 1.7 - PHP Object Injection vulnerability_CVE-2026-39557

Unauthenticated PHP Object Injection in NeoBeat

Elated-Themes NeoBeat n/a CVE
HIGH 8.1 CVE-2026-39554

WordPress Fidalgo theme <= 1.2.2 - PHP Object Injection vulnerability_CVE-2026-39554

Unauthenticated PHP Object Injection in Fidalgo

Elated-Themes Fidalgo n/a CVE
HIGH 8.1 CVE-2026-39549

WordPress Aperitif theme <= 1.5 - Local File Inclusion vulnerability_CVE-2026-39549

Unauthenticated Local File Inclusion in Aperitif

Elated-Themes Aperitif n/a CVE
HIGH 7.1 CVE-2026-39548

WordPress MagOne theme <= 9.0 - Reflected Cross Site Scripting (XSS) vulnerability_CVE-2026-39548

Unauthenticated Cross Site Scripting (XSS) in MagOne

Sneeit MagOne n/a CVE
HIGH 8.1 CVE-2026-39547

WordPress Getaway theme < 1.8 - Local File Inclusion vulnerability_CVE-2026-39547

Unauthenticated Local File Inclusion in Getaway < 1.8 versions.

Select-Themes Getaway n/a CVE