Skip to main content

Konsept

1 CVEs product

Monthly

Sort: Newest CVSS Score EPSS Score Oldest
CVE-2026-39556 HIGH This Week

Unauthenticated PHP Object Injection affects the Konsept WordPress theme (by elated-themes) in versions 1.9 and earlier, allowing remote attackers to inject crafted serialized PHP objects without authentication. Successful exploitation can lead to a full compromise of the WordPress site - high impact on confidentiality, integrity, and availability - though CVSS rates attack complexity as high, indicating non-trivial conditions are required. No public exploit identified at time of analysis.

PHP Deserialization Konsept
NVD
CVSS 3.1
8.1
EPSS
0.3%
CVE-2026-39556
EPSS 0% CVSS 8.1
HIGH This Week

Unauthenticated PHP Object Injection affects the Konsept WordPress theme (by elated-themes) in versions 1.9 and earlier, allowing remote attackers to inject crafted serialized PHP objects without authentication. Successful exploitation can lead to a full compromise of the WordPress site - high impact on confidentiality, integrity, and availability - though CVSS rates attack complexity as high, indicating non-trivial conditions are required. No public exploit identified at time of analysis.

PHP Deserialization Konsept
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy