Browse all 4 CVE security advisories affecting AF themes. AI-powered Chinese analysis, POCs, and references for each vulnerability.
AF themes primarily serve as a framework for developing and deploying web applications, with core use cases centered around content management and user interaction platforms. Historically, these themes have been susceptible to multiple vulnerability classes, including remote code execution, cross-site scripting, and privilege escalation, as evidenced by the four recorded CVEs. While no major public security incidents have been widely documented, the consistent pattern of vulnerabilities suggests potential risks for organizations using these themes without proper hardening. Security researchers have noted that the themes' widespread adoption increases their attractiveness for attackers seeking to exploit multiple sites simultaneously through common vulnerabilities.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2024-56247 | WordPress WP Post Author plugin <= 3.8.2 - SQL Injection vulnerability — WP Post AuthorCWE-89 | 7.6 | High | 2025-01-02 |
| CVE-2024-37101 | WordPress WP Post Author plugin <= 3.6.7 - Cross Site Scripting (XSS) vulnerability — WP Post AuthorCWE-79 | 6.5 | Medium | 2024-07-22 |
| CVE-2024-34387 | WordPress WP Post Author plugin <= 3.6.4 - Rating Value Manipulation vulnerability — WP Post AuthorCWE-862 | 4.3 | Medium | 2024-05-06 |
| CVE-2024-34389 | WordPress WP Post Author plugin <= 3.6.4 - Broken Access Control vulnerability — WP Post AuthorCWE-862 | 4.3 | Medium | 2024-05-06 |
This page lists every published CVE security advisory associated with AF themes. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.