Skip to content
Features
Pricing
Solutions
Status
API Details
CLI Scanner
Vulnerabilities
Themes
WordPress
Plugins
Stats
Submit Vulnerabilities
Leaderboard
Resources
Blog
Enterprise Features
How to Install WPScan
WPScan Glossary
2024 Website Threat Report
Search
WordPress Theme Vulnerabilities
Show Previous Letters
0-9
a
b
c
d
e
f
g
h
i
j
k
l
m
n
o
p
q
r
s
t
u
v
w
x
y
z
Show Next Letters
Slug
Published
Title
Slug
valen
Published
2025-06-09
Title
Valen - Sport, Fashion WooCommerce WordPress Theme <= 2.4 - Unauthenticated Local File Inclusion
Slug
vango
Published
2025-12-30
Title
Vango <= 1.3.3 - Unauthenticated Local File Inclusion
Slug
veda
Published
2025-03-04
Title
VEDA - MultiPurpose WordPress Theme <= 4.2 - Authenticated (Subscriber+) PHP Object Injection
Slug
veda
Published
2025-06-24
Title
VEDA <= 4.2 - Authenticated (Subscriber+) PHP Object Injection
Slug
velvet
Published
2014-08-01
Title
Velvet - Unspecified XSS
Slug
venice-lite
Published
2023-08-14
Title
Multiple Themes - Reflected XSS
Slug
verbosa
Published
2024-09-16
Title
Verbosa < 1.2.3.1 - Authenticated (Contributor+) Stored Cross-Site Scripting
Slug
verdure
Published
2026-01-02
Title
Verdure <= 1.6 - Authenticated (Subscriber+) Insecure Direct Object Reference
Slug
vernissage
Published
2015-06-26
Title
Multiple Themes - Privilige Escalation
Slug
vertice
Published
2024-04-26
Title
ColibriWP Theme framework - Various Versions and Themes - Missing Authorization
Slug
viable-blog
Published
2023-04-25
Title
Viable blog <= 1.1.4 - Reflected XSS
Slug
viala
Published
2023-08-14
Title
Multiple Themes - Reflected XSS
Slug
viala
Published
2024-09-24
Title
Viala <= 1.3.1 - Reflected Cross-Site Scripting
Slug
viburno
Published
2023-08-14
Title
Multiple Themes - Reflected XSS
Slug
videoblog
Published
2023-07-18
Title
Freemius SDK < 2.5.10 - Reflected Cross-Site Scripting
Slug
videopro
Published
2026-01-08
Title
VideoPro <= 2.3.8.1 - Unauthenticated Local File Inclusion
Slug
vidmov
Published
2025-07-23
Title
VidMov <= 1.9.4 - Unauthenticated Local File Inclusion
Slug
vidmov
Published
2026-01-02
Title
VidMov < 2.3.9 - Authenticated (Subscriber+) Path Traversal
Slug
vikinger
Published
2025-04-24
Title
Vikinger < 1.9.31 - Authenticated (Subscriber+) Privilege Escalation via 'vikinger_user_meta_update_ajax'
Slug
vikinger
Published
2025-07-01
Title
Vikinger < 1.9.33 - Authenticated (Subscriber+) Arbitrary File Deletion via vikinger_delete_activity_media_ajax Function
Slug
villar
Published
2022-02-28
Title
Unauthorised AJAX Calls via Freemius
Slug
villar
Published
2023-07-18
Title
Freemius SDK < 2.5.10 - Reflected Cross-Site Scripting
Slug
vilva
Published
2024-06-20
Title
Vilva < 1.2.3 - Cross-Site Request Forgery to Notice Dismissal
Slug
viralike
Published
2022-02-28
Title
Unauthorised AJAX Calls via Freemius
Slug
viralike
Published
2023-07-18
Title
Freemius SDK < 2.5.10 - Reflected Cross-Site Scripting
Previous
1
2
Next
Subscribe
Subscribed
WPScan
Join 30,435 other subscribers
Sign me up
Already have a WordPress.com account?
Log in now.
WPScan
Subscribe
Subscribed
Sign up
Log in
Report this content
View site in Reader
Manage subscriptions
Collapse this bar
WPScan 