8.1
CVE-2026-27339 - WordPress Buzz Stone | Magazine & Viral Blog WordPress Theme theme <= 1.0.2 - Local File Inclusion β¦
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Buzz Stone | Magazine & Viral Blog WordPress Theme buzzstone allows PHP Local File Inclusion.This issue affects Buzz Stone | Magazine & Viral Blog WordPress Theme: fβ¦
8.8
CVE-2026-27338 - WordPress Car Zone theme <= 3.7 - Deserialization of untrusted data vulnerability
Deserialization of Untrusted Data vulnerability in AivahThemes Car Zone carzone allows Object Injection.This issue affects Car Zone: from n/a through <= 3.7.
8.1
CVE-2026-27337 - WordPress Chronicle - Lifestyle Magazine & Blog WordPress Theme theme <= 1.0 - Local File Inclusionβ¦
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Chronicle - Lifestyle Magazine & Blog WordPress Theme chronicle allows PHP Local File Inclusion.This issue affects Chronicle - Lifestyle Magazine & Blog WordPress Thβ¦
8.1
CVE-2026-27336 - WordPress Consultor | Consulting, Accounting & Legal Counsel WordPress Theme theme <= 1.2.4 - Localβ¦
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Consultor | Consulting, Accounting & Legal Counsel WordPress Theme consultor allows PHP Local File Inclusion.This issue affects Consultor | Consulting, Accounting & β¦
8.1
CVE-2026-27335 - WordPress Ekoterra - NonProfit, Green Energy & Ecology Theme theme <= 1.0.0 - Local File Inclusion β¦
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Ekoterra - NonProfit, Green Energy & Ecology Theme ekoterra allows PHP Local File Inclusion.This issue affects Ekoterra - NonProfit, Green Energy & Ecology Theme: frβ¦
8.1
CVE-2026-27334 - WordPress Alchemists theme <= 4.6.0 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in dan_fisher Alchemists alchemists allows PHP Local File Inclusion.This issue affects Alchemists: from n/a through <= 4.6.0.
7.1
CVE-2026-27332 - WordPress Agrofood theme < 1.4.0 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in skygroup Agrofood agrofood allows Reflected XSS.This issue affects Agrofood: from n/a through < 1.4.0.
8.1
CVE-2026-27326 - WordPress AC Services | HVAC, Air Conditioning & Heating Company WordPress Theme theme <= 1.2.5 - Lβ¦
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in axiomthemes AC Services | HVAC, Air Conditioning & Heating Company WordPress Theme window-ac-services allows PHP Local File Inclusion.This issue affects AC Services | HVAC, Air Cβ¦
8.1
CVE-2026-27098 - WordPress Au Pair Agency - Babysitting & Nanny Theme theme <= 1.2.2 - Deserialization of untrusted β¦
Deserialization of Untrusted Data vulnerability in axiomthemes Au Pair Agency - Babysitting & Nanny Theme au-pair-agency allows Object Injection.This issue affects Au Pair Agency - Babysitting & Nanny Theme: from n/a through <= 1.2.2.
8.1
CVE-2026-27097 - WordPress CasaMia | Property Rental Real Estate WordPress Theme theme <= 1.1.2 - Local File Inclusiβ¦
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes CasaMia | Property Rental Real Estate WordPress Theme casamia allows PHP Local File Inclusion.This issue affects CasaMia | Property Rental Real Estate WordPress Themβ¦