Colorfolio Freelance Designer Wordpress Theme

1 CVEs product

Monthly

Sort: Newest CVSS Score EPSS Score Oldest
CVE-2026-27096 HIGH This Week

The ColorFolio Freelance Designer WordPress Theme versions up to 1.3 contains a deserialization of untrusted data vulnerability that allows attackers to perform PHP Object Injection. This enables remote unauthenticated attackers to execute arbitrary code or manipulate application logic, though exploitation requires high attack complexity. There is no evidence of active exploitation (not in CISA KEV), and EPSS score data is not provided, but the vulnerability has been publicly disclosed by Patchstack.

Deserialization WordPress Colorfolio Freelance Designer Wordpress Theme
NVD VulDB
CVSS 3.1
8.1
EPSS
0.0%
CVE-2026-27096
EPSS 0% CVSS 8.1
HIGH This Week

The ColorFolio Freelance Designer WordPress Theme versions up to 1.3 contains a deserialization of untrusted data vulnerability that allows attackers to perform PHP Object Injection. This enables remote unauthenticated attackers to execute arbitrary code or manipulate application logic, though exploitation requires high attack complexity. There is no evidence of active exploitation (not in CISA KEV), and EPSS score data is not provided, but the vulnerability has been publicly disclosed by Patchstack.

Deserialization WordPress Colorfolio Freelance Designer Wordpress Theme
NVD VulDB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy