9.8
CVE-2026-22384 - WordPress Applay - Shortcodes plugin <= 3.7 - PHP Object Injection vulnerability
Deserialization of Untrusted Data vulnerability in leafcolor Applay - Shortcodes applay-shortcodes allows Object Injection.This issue affects Applay - Shortcodes: from n/a through <= 3.7.
7.5
CVE-2026-22383 - WordPress PawFriends - Pet Shop and Veterinary WordPress theme theme <= 1.3 - Insecure Direct Objecβ¦
Authorization Bypass Through User-Controlled Key vulnerability in Mikado-Themes PawFriends - Pet Shop and Veterinary WordPress Theme pawfriends allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects PawFriends - Pet Shop and Veterinary WordPress Theme: from n/a tβ¦
8.1
CVE-2026-22381 - WordPress PawFriends - Pet Shop and Veterinary WordPress Theme theme <= 1.3 - Local File Inclusion β¦
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Mikado-Themes PawFriends - Pet Shop and Veterinary WordPress Theme pawfriends allows PHP Local File Inclusion.This issue affects PawFriends - Pet Shop and Veterinary WordPress Thβ¦
8.1
CVE-2026-22380 - WordPress UnlimHost theme <= 1.2.3 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes UnlimHost unlimhost allows PHP Local File Inclusion.This issue affects UnlimHost: from n/a through <= 1.2.3.
8.1
CVE-2026-22379 - WordPress Netmix theme <= 1.0.10 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Netmix netmix allows PHP Local File Inclusion.This issue affects Netmix: from n/a through <= 1.0.10.
8.1
CVE-2026-22378 - WordPress Blabber theme <= 1.7.0 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Blabber blabber allows PHP Local File Inclusion.This issue affects Blabber: from n/a through <= 1.7.0.
8.1
CVE-2026-22377 - WordPress Saveo theme <= 1.1.2 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Saveo saveo allows PHP Local File Inclusion.This issue affects Saveo: from n/a through <= 1.1.2.
8.1
CVE-2026-22376 - WordPress Parkivia theme <= 1.1.9 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Parkivia parkivia allows PHP Local File Inclusion.This issue affects Parkivia: from n/a through <= 1.1.9.
8.1
CVE-2026-22375 - WordPress Impacto Patronus theme <= 1.2.3 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Impacto Patronus impacto-patronus allows PHP Local File Inclusion.This issue affects Impacto Patronus: from n/a through <= 1.2.3.
8.1
CVE-2026-22374 - WordPress Zio Alberto theme <= 1.2.2 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in AncoraThemes Zio Alberto zioalberto allows PHP Local File Inclusion.This issue affects Zio Alberto: from n/a through <= 1.2.2.