PricingCase studies Login Start trial
Plugin Icon

Kirki

Themeum

Developer

6.0.12

Latest version

500,000

Installations

No date

Last updated

WordPress Plugin
No VDP
See changelog
Claim ownership
Report vulnerability
    VulnerabilitiesSecurity Contributors

Vulnerability history

0 present
7 patched
4 Mitigation rules
  • Missing Authorization to Unauthenticated Sensitive Information Exposure vulnerability
    <= 6.0.11
    1 day ago
  • Missing Authorization to Unauthenticated Arbitrary Email Content Injection (Mail Relay / Phishing) vulnerability
    <= 6.0.11
    1 day ago
  • Insecure Direct Object References (IDOR) vulnerability
    <= 6.0.11
    3 days ago
  • Server Side Request Forgery (SSRF) vulnerability
    <= 6.0.11
    7 days ago
  • Unauthenticated Privilege Escalation via 'handle_forgot_password' vulnerability
    6.0.0-6.0.6
    01/06/2026
  • Missing Authorization to Authenticated (Subscriber+) Sensitive Form Submission Data Exposure vulnerability
    <= 6.0.6
    25/05/2026
  • Unauthenticated Limited Arbitrary File Read and Deletion vulnerability
    <= 6.0.6
    21/05/2026

Vulnerability mitigation

  • Pricing
  • Application security (SCA)
  • RapidMitigate New
  • Threat Intelligence (API)
  • VS Monarx
  • VS Imunify360
  • VS Wordfence
  • Documentation
  • Service status
  • Log in

Code security

  • Managed VDP New
  • Active VDP directory 1,142
  • Report vulnerability
  • Security auditing
  • Compliance (CRA) New
  • Log in New

Bug bounty

  • Bug bounty
  • Leaderboard
  • Guidelines
  • Learn New
  • Report
  • Discord
  • Log in New

Use cases

  • Web developers
  • Webhosts New
  • Software vendors
  • WordPress
  • WooCommerce

Resources

  • Partners
  • Vulnerability database
  • Whitepaper 2026 New
  • Articles
  • Case studies New
  • Webinars New
  • Vulnerability statistics

Patchstack

  • About
  • Careers
  • Merch store
  • Media kit
  • LinkedIn
  • Facebook
  • X
© 2026 Patchstack
DPA
Privacy Policy
Accessibility
Terms & Conditions