๐Ÿ” CVE Alert

CVE-2025-10915

CRITICAL 9.8

Dreamer Blog <= 1.2 - Subscriber+ Arbitrary Plugin Installation

CVSS Score
9.8
EPSS Score
0.1%
EPSS Percentile
19th

The Dreamer Blog WordPress theme through 1.2 is vulnerable to arbitrary installations due to a missing capability check.

Vendor unknown
Product dreamer blog
Published Jan 13, 2026
Last Updated Apr 2, 2026
Stay Ahead of the Next One

Get instant alerts for unknown dreamer blog

Be the first to know when new critical vulnerabilities affecting unknown dreamer blog are published โ€” delivered to Slack, Telegram or Discord.

Get Free Alerts โ†’ Free ยท No credit card ยท 60 sec setup

Affected Versions

Unknown / Dreamer Blog
0 โ‰ค 1.2

References

NVD โ†— CVE.org โ†— EPSS Data โ†—
wpscan.com: https://wpscan.com/vulnerability/dab3a804-9027-4b4a-b61c-61b562045bc4/

Credits

Khaled Alenazi (Nxploited) WPScan