Latest CVE Feed

  1. Home
  2. Vulnerabilities
  3. Latest
CVE Intelligence

Vulnerabilities published in the last 30 days. Filter by severity, exploit status, or attack vector.

All Critical Actively Exploited Remotely Exploitable
Last Updated Published CVSS Score
Score
Vulnerability
Published
8.1 HIGH
CVE-2026-39590 — WordPress Atomlab theme <= 2.4.5 - Local File Inclusion vulnerability

Unauthenticated Local File Inclusion in Atomlab <= 2.4.5 versions.

Remote | Path Traversal
Jun 17, 2026 Jun 17, 2026
Jun 17, 2026
Jun 17, 2026
8.1 HIGH
CVE-2026-39576 — WordPress SingleMalt theme <= 1.5 - PHP Object Injection vulnerability

Unauthenticated PHP Object Injection in SingleMalt <= 1.5 versions.

Remote | Injection
Jun 17, 2026 Jun 17, 2026
Jun 17, 2026
Jun 17, 2026
8.1 HIGH
CVE-2026-39560 — WordPress Hiroshi theme <= 1.5.1 - PHP Object Injection vulnerability

Unauthenticated PHP Object Injection in Hiroshi <= 1.5.1 versions.

Remote | Injection
Jun 17, 2026 Jun 17, 2026
Jun 17, 2026
Jun 17, 2026
8.1 HIGH
CVE-2026-39559 — WordPress Uppercase theme < 1.2.2 - Local File Inclusion vulnerability

Unauthenticated Local File Inclusion in Uppercase < 1.2.2 versions.

Remote
Jun 17, 2026 Jun 17, 2026
Jun 17, 2026
Jun 17, 2026
8.1 HIGH
CVE-2026-39556 — WordPress Konsept theme <= 1.9 - PHP Object Injection vulnerability

Unauthenticated PHP Object Injection in Konsept <= 1.9 versions.

Remote | Injection
Jun 17, 2026 Jun 17, 2026
Jun 17, 2026
Jun 17, 2026
8.1 HIGH
CVE-2026-39523 — WordPress Solene Core plugin <= 2.3.2 - Local File Inclusion vulnerability

Unauthenticated Local File Inclusion in Solene Core <= 2.3.2 versions.

Remote | Path Traversal
Jun 17, 2026 Jun 17, 2026
Jun 17, 2026
Jun 17, 2026
8.1 HIGH
CVE-2026-39445 — WordPress Alukas theme < 3.0.0 - PHP Object Injection vulnerability

Unauthenticated PHP Object Injection in Alukas < 3.0.0 versions.

Remote | Injection
Jun 17, 2026 Jun 17, 2026
Jun 17, 2026
Jun 17, 2026
8.1 HIGH
CVE-2026-39442 — WordPress PressMart theme <= 1.2.26 - PHP Object Injection vulnerability

Unauthenticated PHP Object Injection in PressMart <= 1.2.26 versions.

pressmart | Remote | Injection
Jun 17, 2026 Jun 17, 2026
Jun 17, 2026
Jun 17, 2026
8.1 HIGH
CVE-2025-69175 — WordPress Line Agency theme <= 1.3.1 - Local File Inclusion vulnerability

Unauthenticated Local File Inclusion in Line Agency <= 1.3.1 versions.

Remote | Path Traversal
Jun 17, 2026 Jun 17, 2026
Jun 17, 2026
Jun 17, 2026
8.1 HIGH
CVE-2025-69174 — WordPress Etude theme <= 1.6 - Local File Inclusion vulnerability

Unauthenticated Local File Inclusion in Etude <= 1.6 versions.

Remote | Path Traversal
Jun 17, 2026 Jun 17, 2026
Jun 17, 2026
Jun 17, 2026
8.1 HIGH
CVE-2025-69170 — WordPress Eventicity theme <= 1.5 - Local File Inclusion vulnerability

Unauthenticated Local File Inclusion in Eventicity <= 1.5 versions.

Remote | Path Traversal
Jun 17, 2026 Jun 17, 2026
Jun 17, 2026
Jun 17, 2026
8.1 HIGH
CVE-2025-69166 — WordPress Gunslinger theme <= 1.7 - Local File Inclusion vulnerability

Unauthenticated Local File Inclusion in Gunslinger <= 1.7 versions.

Remote | Path Traversal
Jun 17, 2026 Jun 17, 2026
Jun 17, 2026
Jun 17, 2026
8.1 HIGH
CVE-2025-69164 — WordPress Skyward theme <= 1.10 - Local File Inclusion vulnerability

Unauthenticated Local File Inclusion in Skyward <= 1.10 versions.

Remote | Path Traversal
Jun 17, 2026 Jun 17, 2026
Jun 17, 2026
Jun 17, 2026
8.1 HIGH
CVE-2025-69158 — WordPress Granola theme <= 1.13 - Local File Inclusion vulnerability

Unauthenticated Local File Inclusion in Granola <= 1.13 versions.

Remote | Path Traversal
Jun 17, 2026 Jun 17, 2026
Jun 17, 2026
Jun 17, 2026
8.1 HIGH
CVE-2025-69157 — WordPress Gamic theme <= 1.15 - Local File Inclusion vulnerability

Unauthenticated Local File Inclusion in Gamic <= 1.15 versions.

Remote | Path Traversal
Jun 17, 2026 Jun 17, 2026
Jun 17, 2026
Jun 17, 2026
8.1 HIGH
CVE-2025-69144 — WordPress Preservation theme <= 1.10 - Local File Inclusion vulnerability

Unauthenticated Local File Inclusion in Preservation <= 1.10 versions.

Remote | Path Traversal
Jun 17, 2026 Jun 17, 2026
Jun 17, 2026
Jun 17, 2026
7.1 HIGH
CVE-2025-69140 — WordPress SweetDate Core plugin < 1.1.5 - Reflected Cross Site Scripting (XSS) vulnerabil…

Unauthenticated Cross Site Scripting (XSS) in SweetDate Core < 1.1.5 versions.

Remote | Cross-Site Scripting
Jun 17, 2026 Jun 17, 2026
Jun 17, 2026
Jun 17, 2026
8.8 HIGH
CVE-2025-69130 — WordPress Entrepreneur - Booking for Small Businesses WordPress Theme theme <= 3.1.3 - PH…

Subscriber PHP Object Injection in Entrepreneur - Booking for Small Businesses WordPress Theme <= 3.1.3 versions.

Remote | Injection
Jun 17, 2026 Jun 17, 2026
Jun 17, 2026
Jun 17, 2026
9.8 CRITICAL
CVE-2025-69127 — WordPress Plumbing theme <= 1.6 - PHP Object Injection vulnerability

Unauthenticated PHP Object Injection in Plumbing <= 1.6 versions.

Remote | Injection
Jun 17, 2026 Jun 17, 2026
Jun 17, 2026
Jun 17, 2026
8.1 HIGH
CVE-2025-69126 — WordPress Fortius theme <= 2.3.0 - Local File Inclusion vulnerability

Unauthenticated Local File Inclusion in Fortius <= 2.3.0 versions.

Remote | Path Traversal
Jun 17, 2026 Jun 17, 2026
Jun 17, 2026
Jun 17, 2026
Showing 20 of 7617 Results