Filtered by vendor Select-themes
Subscriptions
Total
25 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-39547 | 2 Select-themes, Wordpress | 2 Getaway, Wordpress | 2026-06-26 | 8.1 High |
| Unauthenticated Local File Inclusion in Getaway < 1.8 versions. | ||||
| CVE-2026-39567 | 2 Select-themes, Wordpress | 2 Santé, Wordpress | 2026-06-26 | 8.1 High |
| Unauthenticated PHP Object Injection in Santé <= 1.5.1 versions. | ||||
| CVE-2026-39580 | 2 Select-themes, Wordpress | 2 Micdrop, Wordpress | 2026-06-26 | 8.1 High |
| Unauthenticated PHP Object Injection in Micdrop <= 1.3.1 versions. | ||||
| CVE-2026-39560 | 2 Select-themes, Wordpress | 2 Hiroshi, Wordpress | 2026-06-26 | 8.1 High |
| Unauthenticated PHP Object Injection in Hiroshi <= 1.5.1 versions. | ||||
| CVE-2026-39545 | 2 Select-themes, Wordpress | 2 Zermatt, Wordpress | 2026-06-20 | 8.1 High |
| Unauthenticated PHP Object Injection in Zermatt <= 1.6.1 versions. | ||||
| CVE-2026-39573 | 2 Select-themes, Wordpress | 2 Mildhill, Wordpress | 2026-06-20 | 8.1 High |
| Unauthenticated PHP Object Injection in Mildhill <= 1.5 versions. | ||||
| CVE-2026-40752 | 2 Select-themes, Wordpress | 2 Manufaktur Solutions, Wordpress | 2026-06-20 | 8.1 High |
| Unauthenticated PHP Object Injection in Manufaktur Solutions <= 1.1.1 versions. | ||||
| CVE-2026-39553 | 2 Select-themes, Wordpress | 2 Waveride, Wordpress | 2026-06-02 | 8.1 High |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Select-Themes WaveRide allows PHP Local File Inclusion. This issue affects WaveRide: from n/a through 1.4. | ||||
| CVE-2024-34553 | 1 Select-themes | 1 Stockholm Core | 2026-04-28 | 7.1 High |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Select-Themes Stockholm Core allows Reflected XSS.This issue affects Stockholm Core: from n/a through 2.4.1. | ||||
| CVE-2024-34554 | 2 Select-themes, Select Themes | 2 Stockholm Core, Stockholm Core | 2026-04-28 | 8.5 High |
| Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Select-Themes Stockholm Core allows PHP Local File Inclusion.This issue affects Stockholm Core: from n/a through 2.4.1. | ||||
| CVE-2025-68067 | 2 Select-themes, Wordpress | 2 Stockholm Core, Wordpress | 2026-04-27 | 7.5 High |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Select-Themes Stockholm Core stockholm-core allows PHP Local File Inclusion.This issue affects Stockholm Core: from n/a through <= 2.4.6. | ||||
| CVE-2025-68068 | 2 Select-themes, Wordpress | 2 Stockholm, Wordpress | 2026-04-24 | 7.5 High |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Select-Themes Stockholm stockholm allows PHP Local File Inclusion.This issue affects Stockholm: from n/a through <= 9.14.1. | ||||
| CVE-2025-68077 | 2 Select-themes, Wordpress | 2 Stockholm, Wordpress | 2026-04-24 | 6.5 Medium |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Select-Themes Stockholm stockholm allows Stored XSS.This issue affects Stockholm: from n/a through <= 9.14.1. | ||||
| CVE-2026-32502 | 2 Select-themes, Wordpress | 2 Borgholm, Wordpress | 2026-04-24 | 9.8 Critical |
| Deserialization of Untrusted Data vulnerability in Select-Themes Borgholm borgholm-marketing-agency-theme allows Object Injection.This issue affects Borgholm: from n/a through < 1.6. | ||||
| CVE-2026-25457 | 2 Select-themes, Wordpress | 2 Mixtape, Wordpress | 2026-04-24 | 8.1 High |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Select-Themes Mixtape mixtape allows PHP Local File Inclusion.This issue affects Mixtape: from n/a through <= 2.1. | ||||
| CVE-2026-25458 | 2 Select-themes, Wordpress | 2 Moments, Wordpress | 2026-04-24 | 8.1 High |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Select-Themes Moments moments allows PHP Local File Inclusion.This issue affects Moments: from n/a through <= 2.2. | ||||
| CVE-2025-67521 | 2 Select-themes, Wordpress | 2 Select Core, Wordpress | 2026-04-23 | 7.5 High |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Select-Themes Select Core select-core allows PHP Local File Inclusion.This issue affects Select Core: from n/a through < 2.6. | ||||
| CVE-2026-22449 | 2 Select-themes, Wordpress | 2 Don Peppe, Wordpress | 2026-04-22 | 8.1 High |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Select-Themes Don Peppe donpeppe allows PHP Local File Inclusion.This issue affects Don Peppe: from n/a through <= 1.3. | ||||
| CVE-2026-22446 | 2 Select-themes, Wordpress | 2 Prowess, Wordpress | 2026-04-22 | 8.1 High |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Select-Themes Prowess prowess allows PHP Local File Inclusion.This issue affects Prowess: from n/a through <= 1.8.1. | ||||
| CVE-2026-22423 | 2 Select-themes, Wordpress | 2 Setsail, Wordpress | 2026-04-22 | 8.1 High |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Select-Themes SetSail setsail allows PHP Local File Inclusion.This issue affects SetSail: from n/a through <= 1.8. | ||||