WordPress Theme Vulnerabilities

Slug
Published
Title
Slug
kerge
Published
2025-12-15
Title
Kerge < 4.1.4 - Unauthenticated Server-Side Request Forgery
Slug
kernel-theme
Published
2014-08-01
Title
Kernel Theme - functions/upload-h&ler.php File Upload Remote Code Execution
Slug
kiamo
Published
2025-05-21
Title
Kiamo - Responsive Business Service WordPress Theme < 1.3.6 - Unauthenticated Local File Inclusion
Slug
kicker
Published
2025-08-19
Title
Kicker <= 2.2.0 - Unauthenticated Local File Inclusion
Slug
kiddo
Published
2014-08-01
Title
Kiddo - remote shell upload
Slug
kids-world
Published
2026-01-13
Title
Kids Heaven <= 3.2 - Authenticated (Subscriber+) PHP Object Injection
Slug
kidsplanet
Published
2025-05-21
Title
Kids Planet < 2.2.14.1 - Unauthenticated PHP Object Injection
Slug
kindlycare
Published
2026-01-29
Title
KindlyCare <= 1.6.1 - Unauthenticated PHP Object Injection
Slug
kingcabs
Published
2025-12-12
Title
Kingcabs < 1.1.10 - Authenticated (Contributor+) Stored Cross-Site Scripting via progressbarLayout Parameter
Slug
kingclub-theme
Published
2022-12-29
Title
Multiple themes - Unauthenticated Arbitrary File Upload
Slug
kingler
Published
2026-02-23
Title
Kingler <= 1.7 - Unauthenticated PHP Object Injection
Slug
kings-queens
Published
2025-09-05
Title
Kings & Queens <= 1.1.16 - Unauthenticated Local File Inclusion
Slug
kinsley
Published
2025-05-20
Title
Multiple Themes by bslthemes - Unauthenticated Local File Inclusion
Slug
kipso
Published
2025-08-23
Title
Kipso < 1.3.5 - Unauthenticated Local File Inclusion
Slug
kitring
Published
2025-08-20
Title
Kitring <= 2.8 - Unauthenticated Local File Inclusion
Slug
kleo
Published
2024-12-19
Title
Kleo < 5.4.4 - Reflected Cross-Site Scripting
Slug
kleo
Published
2025-04-29
Title
KLEO < 5.4.4 - Missing Authorization
Slug
kleo
Published
2025-10-30
Title
Kleo < 5.5.0 - Authenticated (Contributor+) Local File Inclusion
Slug
konte
Published
2026-01-29
Title
Konte < 2.4.7 - Missing Authorization
Slug
konzept
Published
2014-08-01
Title
Konzept - Unspecified XSS
Slug
konzept
Published
2014-09-19
Title
Konzept 1.0 - Arbitrary File Upload
Slug
konzept
Published
2020-08-06
Title
Konzept < 2.5 - Unauthenticated Reflected XSS
Slug
kormosala
Published
2020-07-13
Title
Kormosala – Job Board < 1.0.23 - Unauthenticated Reflected XSS
Slug
kossy
Published
2025-07-01
Title
Kossy - Minimalist eCommerce WordPress Theme <= 1.45 - Unauthenticated Local File Inclusion
Slug
kratz
Published
2026-03-02
Title
Kratz <= 1.0.12 - Unauthenticated Local File Inclusion