Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools

PressLayouts

Source -

CNA

BOS Name -

N/A

CNA CVEs -

6

ADP CVEs -

0

CISA CVEs -

0

NVD CVEs -

0
Related CVEsRelated ProductsRelated AssignersReports
6Vulnerabilities found
CVE-2026-39445
Assigner-Patchstack
ShareView Details
Assigner-Patchstack
CVSS Score-8.1||HIGH
EPSS-0.40% / 31.20%
||
7 Day CHG~0.00%
Published-17 Jun, 2026 | 12:47
Updated-17 Jun, 2026 | 17:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
WordPress Alukas theme < 3.0.0 - PHP Object Injection vulnerability

Unauthenticated PHP Object Injection in Alukas < 3.0.0 versions.

Action-Not Available
Vendor-PressLayouts
Product-Alukas
CWE ID-CWE-502
Deserialization of Untrusted Data
CVE-2026-39442
Assigner-Patchstack
ShareView Details
Assigner-Patchstack
CVSS Score-8.1||HIGH
EPSS-0.31% / 22.29%
||
7 Day CHG~0.00%
Published-17 Jun, 2026 | 12:47
Updated-17 Jun, 2026 | 15:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
WordPress PressMart theme <= 1.2.26 - PHP Object Injection vulnerability

Unauthenticated PHP Object Injection in PressMart <= 1.2.26 versions.

Action-Not Available
Vendor-PressLayouts
Product-PressMart
CWE ID-CWE-502
Deserialization of Untrusted Data
CVE-2026-41557
Assigner-Patchstack
ShareView Details
Assigner-Patchstack
CVSS Score-7.1||HIGH
EPSS-0.23% / 13.58%
||
7 Day CHG~0.00%
Published-17 Jun, 2026 | 09:51
Updated-17 Jun, 2026 | 17:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
WordPress Kapee theme < 1.7.1 - Cross Site Scripting (XSS) vulnerability

Unauthenticated Cross Site Scripting (XSS) in Kapee < 1.7.1 versions.

Action-Not Available
Vendor-PressLayouts
Product-Kapee
CWE ID-CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2026-39446
Assigner-Patchstack
ShareView Details
Assigner-Patchstack
CVSS Score-8.1||HIGH
EPSS-0.31% / 22.30%
||
7 Day CHG-0.09%
Published-16 Jun, 2026 | 20:57
Updated-17 Jun, 2026 | 14:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
WordPress Kapee theme < 1.7.0 - PHP Object Injection vulnerability

Unauthenticated PHP Object Injection in Kapee < 1.7.0 versions.

Action-Not Available
Vendor-PressLayouts
Product-Kapee
CWE ID-CWE-502
Deserialization of Untrusted Data
CVE-2026-39443
Assigner-Patchstack
ShareView Details
Assigner-Patchstack
CVSS Score-8.1||HIGH
EPSS-0.31% / 22.30%
||
7 Day CHG-0.09%
Published-16 Jun, 2026 | 20:57
Updated-17 Jun, 2026 | 14:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
WordPress EmallShop theme <= 2.4.21 - PHP Object Injection vulnerability

Unauthenticated PHP Object Injection in EmallShop <= 2.4.21 versions.

Action-Not Available
Vendor-PressLayouts
Product-EmallShop
CWE ID-CWE-502
Deserialization of Untrusted Data
CVE-2024-13797
Assigner-Wordfence
ShareView Details
Assigner-Wordfence
CVSS Score-7.3||HIGH
EPSS-0.50% / 38.97%
||
7 Day CHG~0.00%
Published-18 Feb, 2025 | 11:10
Updated-08 Apr, 2026 | 16:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
PressMart - Modern Elementor WooCommerce WordPress Theme <= 1.2.16 - Unauthenticated Arbitrary Shortcode Execution

The PressMart - Modern Elementor WooCommerce WordPress Theme theme for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 1.2.16. This is due to the software allowing users to execute an action that does not properly validate a value before running do_shortcode. This makes it possible for unauthenticated attackers to execute arbitrary shortcodes.

Action-Not Available
Vendor-presslayoutsPressLayouts
Product-pressmartPressMart - Modern Elementor WooCommerce WordPress Theme
CWE ID-CWE-94
Improper Control of Generation of Code ('Code Injection')