📦 Puzzles

This CVE describes a PHP object injection vulnerability in the Puzzles WordPress theme that allows unauthenticated attackers to inject malicious PHP objects via AJAX requests. The vulnerability only b...

The Puzzles WordPress theme has a stored XSS vulnerability in versions up to 4.2.4 that allows authenticated attackers with contributor-level permissions or higher to inject malicious scripts via shor...

This vulnerability allows authenticated attackers with Subscriber-level access or higher to inject malicious scripts into WordPress sites using the Puzzles theme. The stored XSS can affect all visitor...