Soledad

soledad

Vendor: Pencidesign • 8 CVEs

CVEs (8)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2024-31369 1Pencidesign 1Soledad Jun 17, 2026 Apr 9, 2024 N/A· v4 5.4 MEDIUM· v3 N/A· v2 Cross-Site Request Forgery (CSRF) vulnerability in PenciDesign Soledad.This issue affects Soledad: from n/a through 8.4.2.
CVE-2024-31368 1Pencidesign 1Soledad Jun 17, 2026 Apr 9, 2024 N/A· v4 6.5 MEDIUM· v3 N/A· v2 Missing Authorization vulnerability in PenciDesign Soledad.This issue affects Soledad: from n/a through 8.4.2.
CVE-2024-31367 1Pencidesign 1Soledad Jun 17, 2026 Apr 9, 2024 N/A· v4 7.1 HIGH· v3 N/A· v2 Missing Authorization vulnerability in PenciDesign Soledad.This issue affects Soledad: from n/a through 8.4.2.
CVE-2023-49826 1Pencidesign 1Soledad Jun 17, 2026 Dec 21, 2023 N/A· v4 9.8 CRITICAL· v3 N/A· v2 Deserialization of Untrusted Data vulnerability in PenciDesign Soledad – Multipurpose, Newspaper, Blog & WooCommerce WordPress Theme.This issue affects Soledad – Multipurpose, Newspaper, Blog & WooCommerce WordPress Them...Show more Deserialization of Untrusted Data vulnerability in PenciDesign Soledad – Multipurpose, Newspaper, Blog & WooCommerce WordPress Theme.This issue affects Soledad – Multipurpose, Newspaper, Blog & WooCommerce WordPress Theme: from n/a through 8.4.1.Show less
CVE-2023-49825 1Pencidesign 1Soledad Jun 17, 2026 Dec 20, 2023 N/A· v4 8.1 HIGH· v3 N/A· v2 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in PenciDesign Soledad – Multipurpose, Newspaper, Blog & WooCommerce WordPress Theme.This issue affects Soledad – Multipu...Show more Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in PenciDesign Soledad – Multipurpose, Newspaper, Blog & WooCommerce WordPress Theme.This issue affects Soledad – Multipurpose, Newspaper, Blog & WooCommerce WordPress Theme: from n/a through 8.4.1.Show less
CVE-2023-49827 1Pencidesign 1Soledad Jun 17, 2026 Dec 14, 2023 N/A· v4 6.1 MEDIUM· v3 N/A· v2 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in PenciDesign Soledad – Multipurpose, Newspaper, Blog & WooCommerce WordPress Theme allows Reflected XSS.This issue affe...Show more Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in PenciDesign Soledad – Multipurpose, Newspaper, Blog & WooCommerce WordPress Theme allows Reflected XSS.This issue affects Soledad – Multipurpose, Newspaper, Blog & WooCommerce WordPress Theme: from n/a through 8.4.1.Show less
CVE-2022-41788 1Pencidesign 1Soledad Jun 17, 2026 Nov 18, 2022 N/A· v4 5.4 MEDIUM· v3 N/A· v2 Auth. (subscriber+) Cross-Site Scripting (XSS) vulnerability in Soledad premium theme <= 8.2.5 on WordPress.
CVE-2022-3209 1Pencidesign 1Soledad Jun 17, 2026 Oct 10, 2022 N/A· v4 6.1 MEDIUM· v3 N/A· v2 The soledad WordPress theme before 8.2.5 does not sanitise the {id,datafilter[type],...} parameters in its penci_more_slist_post_ajax AJAX action, leading to a Reflected Cross-Site Scripting (XSS) vulnerability.