CVE-2026-39578MEDIUM NVDCVSS Score 5.5Severity MEDIUMPublished Jun 17, 2026Vendor unknownDescriptionUnauthenticated PHP Object Injection in Valiance <= 1.2 versions.Referenceshttps://patchstack.com/database/wordpress/theme/valiance/vulnerability/wordpress-valiance-theme-1-2-php-object-injection-vulnerability?_s_id=cve