soledad — Vulnerabilities & Security Advisories 13

All 13 CVE vulnerabilities found in soledad, with AI-generated Chinese analysis, references, and POCs.

Vendor: Unknown

CVE ID	Title	CVSS	Severity	Published
CVE-2026-27069	WordPress Soledad theme <= 8.7.2 - Cross Site Scripting (XSS) vulnerability CWE-79	6.1^AI	Medium^AI	2026-02-19
CVE-2025-64188	WordPress Soledad theme <= 8.6.9 - Privilege Escalation vulnerability CWE-266	8.4^AI	High^AI	2025-12-18
CVE-2025-68066	WordPress Soledad theme <= 8.7.0 - Local File Inclusion vulnerability CWE-98	9.1^AI	Critical^AI	2025-12-16
CVE-2025-59588	WordPress Soledad Theme <= 8.6.8 - Local File Inclusion Vulnerability CWE-98	7.5	High	2025-09-22
CVE-2025-59589	WordPress Soledad Theme <= 8.6.8 - Cross Site Scripting (XSS) Vulnerability CWE-79	6.5	Medium	2025-09-22
CVE-2025-8143	Soledad <= 8.6.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'pcsml_smartlists_h' CWE-79	6.4	Medium	2025-08-16
CVE-2025-8105	Soledad <= 8.6.7 - Unauthenticated Arbitrary Shortcode Execution CWE-94	7.3	High	2025-08-16
CVE-2025-8142	Soledad <= 8.6.7 - Authenticated (Contributor+) Local File Inclusion via 'header_layout' CWE-98	8.8	High	2025-08-16
CVE-2024-11289	Soledad <= 8.5.9 - Unauthenticated Limited Local File Inclusion CWE-98	8.1	High	2024-12-06
CVE-2024-31369	WordPress Soledad theme <= 8.4.2 - Cross Site Request Forgery (CSRF) vulnerability CWE-352	5.4	Medium	2024-04-09
CVE-2024-31368	WordPress Soledad theme <= 8.4.2 - Unauthenticated Broken Access Control vulnerability CWE-862	6.5	Medium	2024-04-09
CVE-2024-31367	WordPress Soledad theme <= 8.4.2 - Authenticated Broken Access Control vulnerability CWE-862	7.1	High	2024-04-09
CVE-2022-3209	Soledad < 8.2.5 - Reflected Cross-site Scripting CWE-79	6.1	-	2022-10-10

All 13 known CVE vulnerabilities affecting soledad with full Chinese analysis, references, and POCs where available.