Armania Theme Allows Malicious Code to Run

Monitor vulnerabilities like this one. Sign up free to get alerted when software you use is affected.

Armania Theme Allows Malicious Code to Run

CVE-2026-39626

Summary

A security issue in the Armania theme allows hackers to inject malicious code into web pages, potentially stealing user data or taking control of the site. This issue affects the Armania theme for websites, and users should update to the latest version (1.4.9 or later) to fix the problem.

Original title

Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in kutethemes Armania armania allows Code Injection.This issue affects Armania: from n/a through <= 1.4.8.

Original description

Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in kutethemes Armania armania allows Code Injection.This issue affects Armania: from n/a through <= 1.4.8.

Vulnerability type

CWE-80 Basic XSS

https://patchstack.com/database/Wordpress/Theme/armania/vulnerability/wordpress-...

Published: 8 Apr 2026 · Updated: 9 Apr 2026 · First seen: 8 Apr 2026