This page lists publicly disclosed CVE vulnerabilities affecting pencidesign soledad (linked via NVD CPE). Each row includes severity scores, summaries, and publication dates to help identify and analyze security issues.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2024-31369 | Cross-Site Request Forgery (CSRF) vulnerability in PenciDesign Soledad.This issue affects Soledad: from n/a through 8.4.2. | [email protected] | 5.4 | 0.16% | 2024-04-09 | 2026-06-17 |
| CVE-2024-31368 | Missing Authorization vulnerability in PenciDesign Soledad.This issue affects Soledad: from n/a through 8.4.2. | [email protected] | 6.5 | 0.44% | 2024-04-09 | 2026-06-17 |
| CVE-2024-31367 | Missing Authorization vulnerability in PenciDesign Soledad.This issue affects Soledad: from n/a through 8.4.2. | [email protected] | 7.1 | 0.43% | 2024-04-09 | 2026-06-17 |
| CVE-2023-49826 | Deserialization of Untrusted Data vulnerability in PenciDesign Soledad – Multipurpose, Newspaper, Blog & WooCommerce WordPress Theme.This issue affects Soledad – Multipurpose, Newspaper, Blog & WooCommerce WordPress Theme: from n/a through 8.4.1. | [email protected] | 8.1 | 0.56% | 2023-12-21 | 2026-06-17 |
| CVE-2023-49825 | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in PenciDesign Soledad – Multipurpose, Newspaper, Blog & WooCommerce WordPress Theme.This issue affects Soledad – Multipurpose, Newspaper, Blog & WooCommerce WordPress Theme: from n/a through 8.4.1. | [email protected] | 8.5 | 0.53% | 2023-12-20 | 2026-06-17 |
| CVE-2023-49827 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in PenciDesign Soledad – Multipurpose, Newspaper, Blog & WooCommerce WordPress Theme allows Reflected XSS.This issue affects Soledad – Multipurpose, Newspaper, Blog & WooCommerce WordPress Theme: from n/a through 8.4.1. | [email protected] | 7.1 | 0.39% | 2023-12-14 | 2026-06-17 |
| CVE-2022-41788 | Auth. (subscriber+) Cross-Site Scripting (XSS) vulnerability in Soledad premium theme <= 8.2.5 on WordPress. | [email protected] | 5.4 | 0.40% | 2022-11-18 | 2026-06-17 |
| CVE-2022-3209 | The soledad WordPress theme before 8.2.5 does not sanitise the {id,datafilter[type],...} parameters in its penci_more_slist_post_ajax AJAX action, leading to a Reflected Cross-Site Scripting (XSS) vulnerability. | [email protected] | 6.1 | 0.49% | 2022-10-10 | 2026-06-17 |