CRITICAL
BoldThemes
CVE published 2026-06-17
CVE-2026-27429
CVE-2026-27429 is a critical vulnerability in the Nifty theme for WordPress, allowing unauthenticated PHP object injection. It has a CVSS score of 9.8 and was published on June 17, 2026. The vulnerability affects Nifty versions up to 1.4.1. Successful exploitation could lead to high impact on confidentiality, integrity, and availability. Administrators of affected systems should apply patches or mitigatio [truncated]