Skip to content
Features
Pricing
Solutions
Status
API Details
CLI Scanner
Vulnerabilities
Themes
WordPress
Plugins
Stats
Submit Vulnerabilities
Leaderboard
Resources
Blog
Enterprise Features
How to Install WPScan
WPScan Glossary
2024 Website Threat Report
Search
WordPress Theme Vulnerabilities
Show Previous Letters
0-9
a
b
c
d
e
f
g
h
i
j
k
l
m
n
o
p
q
r
s
t
u
v
w
x
y
z
Show Next Letters
Slug
Published
Title
Slug
beach_apollo
Published
2014-11-30
Title
WordPress Slider Revolution Shell Upload
Slug
beacon
Published
2026-02-27
Title
Beacon <= 2.24 - Unauthenticated Local File Inclusion
Slug
beautique
Published
2025-09-02
Title
Beautique <= 1.5 - Unauthenticated Local File Inclusion
Slug
beauty
Published
2024-09-12
Title
Beauty <= 1.1.4 - Authenticated (Subscriber+) Stored Cross-Site Scripting via tpl_featured_cat_id Parameter
Slug
beauty-premium
Published
2016-03-11
Title
Beauty & Clean Theme 1.0.8 - Arbitrary File Upload
Slug
beelove
Published
2026-03-09
Title
Beelove | Honey Production and Sweets Online Store WordPress Theme <= 1.2.6 - Unauthenticated PHP Object Injection
Slug
belfort
Published
2026-03-10
Title
Belfort <= 1.0 - Unauthenticated Local File Inclusion
Slug
belletrist
Published
2026-02-11
Title
Belletrist <= 1.2 - Unauthenticated Local File Inclusion
Slug
bellevuex
Published
2025-04-22
Title
Hotel + Bed and Breakfast Booking Calendar Theme | Bellevue <= 4.2.2 - Missing Authorization
Slug
bello
Published
2021-05-16
Title
Bello < 1.6.0 - Authenticated Cross-Site Scripting (XSS) and XFS
Slug
bello
Published
2021-05-16
Title
Bello < 1.6.0 - Unauthenticated Reflected XSS & XFS
Slug
bello
Published
2021-05-16
Title
Bello < 1.6.0 - Unauthenticated Blind SQL Injection
Slug
benevolent
Published
2024-06-28
Title
Benevolent < 1.3.5 - Cross-Site Request Forgery to Notice Dismissal
Slug
berger
Published
2026-03-03
Title
Berger <= 1.1.1 - Unauthenticated Local File Inclusion
Slug
besa
Published
2025-06-11
Title
Besa < 2.3.10 - Unauthenticated Local File Inclusion
Slug
besa
Published
2025-12-15
Title
Besa < 2.3.16 - Authenticated (Contributor+) Local File Inclusion
Slug
besa
Published
2026-02-04
Title
Besa < 2.3.16 - Unauthenticated Local File Inclusion
Slug
betheme
Published
2022-11-17
Title
Betheme < 26.6 - Subscriber+ PHP Object Injection
Slug
betheme
Published
2022-11-22
Title
BeTheme < 26.6.3 - Subscriber+ Stored XSS
Slug
betheme
Published
2022-11-21
Title
Betheme < 26.6.3 - Subscriber+ Unauthorised Action
Slug
betheme
Published
2023-04-13
Title
Betheme < 26.8 - Reflected XSS
Slug
betheme
Published
2022-11-21
Title
Betheme < 26.6.3 - Missing Authorization
Slug
betheme
Published
2022-11-21
Title
Betheme < 26.6 - Contributor+ PHP Object Injection
Slug
betheme
Published
2023-11-14
Title
Betheme < 27.1.2 - Missing Authorization
Slug
betheme
Published
2024-08-29
Title
Betheme | Responsive Multipurpose WordPress & WooCommerce Theme <= 27.5.6 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode
Previous
1
2
3
4
5
Next
Subscribe
Subscribed
WPScan
Join 30,892 other subscribers
Sign me up
Already have a WordPress.com account?
Log in now.
WPScan
Subscribe
Subscribed
Sign up
Log in
Report this content
View site in Reader
Manage subscriptions
Collapse this bar
WPScan 