Recent Advisories

Severity ID Title Vendor Product Date Type
HIGH 8.1 CVE-2026-39554

WordPress Fidalgo theme <= 1.2.2 - PHP Object Injection vulnerability_CVE-2026-39554

Unauthenticated PHP Object Injection in Fidalgo

Elated-Themes Fidalgo n/a CVE
HIGH 8.1 CVE-2026-39549

WordPress Aperitif theme <= 1.5 - Local File Inclusion vulnerability_CVE-2026-39549

Unauthenticated Local File Inclusion in Aperitif

Elated-Themes Aperitif n/a CVE
HIGH 7.1 CVE-2026-39548

WordPress MagOne theme <= 9.0 - Reflected Cross Site Scripting (XSS) vulnerability_CVE-2026-39548

Unauthenticated Cross Site Scripting (XSS) in MagOne

Sneeit MagOne n/a CVE
HIGH 8.1 CVE-2026-39547

WordPress Getaway theme < 1.8 - Local File Inclusion vulnerability_CVE-2026-39547

Unauthenticated Local File Inclusion in Getaway < 1.8 versions.

Select-Themes Getaway n/a CVE
HIGH 8.1 CVE-2026-39539

WordPress Alloggio – Hotel Booking theme <= 2.1.2 - PHP Object Injection vulnerability_CVE-2026-39539

Unauthenticated PHP Object Injection in Alloggio - Hotel Booking

Edge-Themes Alloggio - Hotel Booking n/a CVE
HIGH 8.1 CVE-2026-39522

WordPress Solene theme <= 3.4 - Local File Inclusion vulnerability_CVE-2026-39522

Unauthenticated Local File Inclusion in Solene

Elated-Themes Solene n/a CVE
HIGH 8.1 CVE-2026-39446

WordPress Kapee theme < 1.7.0 - PHP Object Injection vulnerability_CVE-2026-39446

Unauthenticated PHP Object Injection in Kapee < 1.7.0 versions.

PressLayouts Kapee n/a CVE
HIGH 8.1 CVE-2026-39443

WordPress EmallShop theme <= 2.4.21 - PHP Object Injection vulnerability_CVE-2026-39443

Unauthenticated PHP Object Injection in EmallShop

PressLayouts EmallShop n/a CVE
HIGH 8.1 CVE-2026-34895

WordPress Softlab Core plugin < 1.2.11 - Local File Inclusion vulnerability_CVE-2026-34895

Unauthenticated Local File Inclusion in Softlab Core < 1.2.11 versions.

WebGeniusLab Softlab Core n/a CVE
HIGH 8.1 CVE-2026-34894

WordPress Integrio Core plugin < 1.2.8 - Local File Inclusion vulnerability_CVE-2026-34894

Unauthenticated Local File Inclusion in Integrio Core < 1.2.8 versions.

WebGeniusLab Integrio Core n/a CVE