Themegoods Altair vulnerabilities
2 known vulnerabilities affecting themegoods/altair.
Total CVEs
2
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL2
Vulnerabilities
Page 1 of 1
CVE-2024-12922P2CRITICALCVSS 9.8≤ 5.2.42025-03-19
CVE-2024-12922 [CRITICAL] CWE-862 CVE-2024-12922: The Altair theme for WordPress is vulnerable to unauthorized modification of data that can lead to p
The Altair theme for WordPress is vulnerable to unauthorized modification of data that can lead to privilege escalation due to a missing capability check within functions.php in all versions up to, and including, 5.2.4. This makes it possible for unauthenticated attackers to update arbitrary options on the WordPress site. This can be leveraged to
nvd
CVE-2025-32928P3CRITICALCVSS 9.8≤ 5.2.22025-05-19
CVE-2025-32928 [CRITICAL] CWE-502 CVE-2025-32928: Deserialization of Untrusted Data vulnerability in ThemeGoods Altair altair allows Object Injection.
Deserialization of Untrusted Data vulnerability in ThemeGoods Altair altair allows Object Injection.This issue affects Altair: from n/a through <= 5.2.2.
nvd