PatchSiren cyber security CVE debrief
CVE-2022-42479 TemplateHouse CVE debrief
CVE-2022-42479 is a Missing Authorization vulnerability in the Soledad WordPress theme. The vulnerability affects Soledad from n/a through 8.2.5 and has a CVSS score of 5.4, categorized as MEDIUM severity. The vulnerability allows attackers to access functionality not properly constrained by ACLs.
- Vendor
- TemplateHouse
- Product
- Soledad
- CVSS
- MEDIUM 5.4
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2026-06-11
- Original CVE updated
- 2026-06-11
- Advisory published
- 2026-06-11
- Advisory updated
- 2026-06-11
Who should care
Users of the Soledad WordPress theme, particularly those using versions from n/a through 8.2.5, should be aware of this vulnerability and take necessary actions to mitigate it.
Technical summary
The vulnerability is caused by a missing authorization check in the Soledad WordPress theme, allowing attackers to access restricted functionality. The CVSS vector for this vulnerability is CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N.
Defensive priority
MEDIUM
Recommended defensive actions
- Update the Soledad WordPress theme to a version that fixes this vulnerability.
- Review and restrict access to sensitive functionality to prevent exploitation.
Evidence notes
The vulnerability was reported by [email protected] and is documented in the CVE record and NVD detail.
Official resources
-
CVE-2022-42479 CVE record
CVE.org
-
CVE-2022-42479 NVD detail
NVD
-
Source item URL
nvd_modified
- Mitigation or vendor reference
CVE-2022-42479 was published on 2026-06-11T10:16:19.840Z and modified on 2026-06-11T14:42:47.007Z.