Recent Advisories

Severity ID Title Vendor Product Date Type
HIGH 8.1 CVE-2026-39522

WordPress Solene theme <= 3.4 - Local File Inclusion vulnerability_CVE-2026-39522

Unauthenticated Local File Inclusion in Solene

Elated-Themes Solene n/a CVE
HIGH 8.1 CVE-2026-39446

WordPress Kapee theme < 1.7.0 - PHP Object Injection vulnerability_CVE-2026-39446

Unauthenticated PHP Object Injection in Kapee < 1.7.0 versions.

PressLayouts Kapee n/a CVE
HIGH 8.1 CVE-2026-39443

WordPress EmallShop theme <= 2.4.21 - PHP Object Injection vulnerability_CVE-2026-39443

Unauthenticated PHP Object Injection in EmallShop

PressLayouts EmallShop n/a CVE
HIGH 8.1 CVE-2026-34895

WordPress Softlab Core plugin < 1.2.11 - Local File Inclusion vulnerability_CVE-2026-34895

Unauthenticated Local File Inclusion in Softlab Core < 1.2.11 versions.

WebGeniusLab Softlab Core n/a CVE
HIGH 8.1 CVE-2026-34894

WordPress Integrio Core plugin < 1.2.8 - Local File Inclusion vulnerability_CVE-2026-34894

Unauthenticated Local File Inclusion in Integrio Core < 1.2.8 versions.

WebGeniusLab Integrio Core n/a CVE
HIGH 8.1 CVE-2026-34893

WordPress Thegov Core plugin < 2.0.23 - Local File Inclusion vulnerability_CVE-2026-34893

Unauthenticated Local File Inclusion in Thegov Core < 2.0.23 versions.

WebGeniusLab Thegov Core n/a CVE
HIGH 8.8 CVE-2026-12256

WordPress Avada theme <= 3.15.3 - PHP Object Injection vulnerability_CVE-2026-12256

Contributor PHP Object Injection in Avada

ThemeFusion Avada n/a CVE
HIGH 8.5 CVE-2026-11410

OS Command Injection in BigPond Cable (BPA) Configuration in TP-Link TL-WR940N_CVE-2026-11410

An authenticated OS command injection vulnerability exists in the BigPond Cable (BPA) WAN configuration module in TL-WR940N v6 due to improper sani...

TP-Link Systems Inc. TL-WR940N v6 CVE
HIGH 8.5 CVE-2026-11409

OS Command Injection in IPv6 PPPoE Configuration in TP-Link TL-WR940N_CVE-2026-11409

An authenticated OS command injection vulnerability exists in the IPv6 PPPoE configuration handler in TL-WR940N v6 due to improper sanitization of ...

TP-Link Systems Inc. TL-WR940N v6 CVE
HIGH 8.1 CVE-2025-69178

WordPress Truemag theme <= 4.3.14.2 - Local File Inclusion vulnerability_CVE-2025-69178

Unauthenticated Local File Inclusion in Truemag

CactusThemes Truemag n/a CVE