CVE-2026-41557 is a high-severity Unauthenticated Cross Site Scripting (XSS) vulnerability in Kapee versions prior to 1.7.1. The vulnerability has a CVSS score of 7.1 and was published on June 17, 2026. Users of affected versions should update to version 1.7.1 or later to mitigate the risk. The vulnerability allows attackers to inject malicious scripts into web pages viewed by other users. This could lead [truncated]
CVE-2026-39446 is a high-severity vulnerability in the Kapee theme, affecting versions prior to 1.7.0. This unauthenticated PHP object injection vulnerability has a CVSS score of 8.1, indicating a high level of severity. The vulnerability allows attackers to inject malicious PHP objects without authentication, potentially leading to unauthorized code execution. Organizations using affected Kapee versions [truncated]
