GCVE - cpe:2.3:a:kamleshyadav:miraculous:*:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:a:kamleshyadav:miraculous:*:*:*:*:*:*:*:*

part: a version: * update: *

Vendor	Kamleshyadav (`9468a0d3-8e29-564a-9a34-55dcb44bf399`)
Product	Miraculous (`c9105069-761c-59bc-88c3-93dc5cb4cd0f`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from gcve-enriched-dumps CVE data

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2026-32515`	vulnerable	2026-06-08 07:57:17.658759	WordPress Miraculous theme < 2.1.2 - Broken Access Control vulnerability HIGH (7.5) Missing Authorization vulnerability in kamleshyadav Miraculous miraculous allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Miraculous: from n/a through < 2.1.2. Published: 2026-03-25T16:15:06.206Z Updated: 2026-04-29T09:52:01.009Z Open on db.gcve.eu Reference links https://patchstack.com/database/Wordpress/Theme/miraculous/vulnerability/wordpress-miraculous-theme-2-1-2-broken-access-control-vulnerability?_s_id=cve	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2025-58629`	vulnerable	2026-06-08 07:35:18.914262	WordPress Miraculous theme < 2.0.9 - Arbitrary Content Deletion vulnerability HIGH (7.5) Missing Authorization vulnerability in kamleshyadav Miraculous miraculous allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Miraculous: from n/a through < 2.0.9. Published: 2025-11-06T15:54:25.101Z Updated: 2026-04-28T16:13:44.841Z Open on db.gcve.eu Reference links https://patchstack.com/database/Wordpress/Theme/miraculous/vulnerability/wordpress-miraculous-theme-2-0-9-arbitrary-content-deletion-vulnerability?_s_id=cve	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2025-58628`	vulnerable	2026-06-08 07:35:18.913956	WordPress Miraculous Theme < 2.0.9 - SQL Injection Vulnerability CRITICAL (9.3) Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in kamleshyadav Miraculous miraculous allows Blind SQL Injection.This issue affects Miraculous: from n/a through < 2.0.9. Published: 2025-09-05T16:17:55.088Z Updated: 2026-04-28T16:13:44.381Z Open on db.gcve.eu Reference links https://patchstack.com/database/Wordpress/Theme/miraculous/vulnerability/wordpress-miraculous-theme-2-0-9-sql-injection-vulnerability?_s_id=cve	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.