WordPress Theme Vulnerabilities

Slug
Published
Title
Slug
multifox
Published
2025-01-14
Title
Multifox <= 1.3.7 - Authenticated (Contributor+) Stored Cross-Site Scripting
Slug
multioffice
Published
2026-03-10
Title
MultiOffice <= 1.2 - Unauthenticated Local File Inclusion
Slug
multipurpose
Published
2024-08-07
Title
MultiPurpose <= 1.2.0 - Authenticated (Contributor+) PHP Object Injection
Slug
music
Published
2014-08-01
Title
Music - Multiple Script Direct Request Path Disclosure
Slug
musico
Published
2026-02-24
Title
Musico < 3.4.5 - Reflected Cross-Site Scripting
Slug
musicplace
Published
2025-12-31
Title
Sound | Musical Instruments Online Store <= 1.6.9 - Unauthenticated PHP Object Injection
Slug
muzicon
Published
2026-02-26
Title
Muzicon <= 1.9.0 - Unauthenticated Local File Inclusion
Slug
my-flatonica
Published
2024-10-14
Title
my flatonica <= 0.0.8 & my wooden under construction <= 2.0.7 - Reflected Cross-Site Scripting
Slug
my-white
Published
2025-01-18
Title
my white <= 2.0.8 - Reflected Cross-Site Scripting
Slug
my-wooden-under-construction
Published
2024-10-14
Title
my flatonica <= 0.0.8 & my wooden under construction <= 2.0.7 - Reflected Cross-Site Scripting
Slug
mydecor
Published
2026-03-20
Title
MyDecor < 1.5.9 - Reflected Cross-Site Scripting
Slug
mymedi
Published
2026-03-20
Title
MyMedi < 1.7.7 - Reflected Cross-Site Scripting
Slug
myour
Published
2026-01-12
Title
Myour <= 1.5.1 - Unauthenticated Local File Inclusion
Slug
myriad
Published
2014-08-01
Title
Myriad 2.0 - dl-skin.php _mysite_delete_skin_zip Parameter Absolute Path Traversal Remote Directory Deletion
Slug
myriad
Published
2014-08-01
Title
Myriad 2.0 - dl-skin.php _mysite_download_skin Parameter Absolute Path Traversal Remote File Download
Slug
myriad
Published
2015-02-11
Title
WordPress Slider Revolution - Local File Disclosure
Slug
myriad
Published
2014-11-30
Title
WordPress Slider Revolution Shell Upload
Slug
mystique
Published
2024-08-29
Title
Mystique <= 2.5.7 - Authenticated (Contributor+) Stored Cross-Site Scripting