Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

AncoraThemes — Vulnerabilities & Security Advisories 128

Browse all 128 CVE security advisories affecting AncoraThemes. AI-powered Chinese analysis, POCs, and references for each vulnerability.

AncoraThemes operates as a digital marketplace specializing in WordPress themes and plugins, catering primarily to web developers and small business owners seeking pre-built website solutions. The company’s extensive portfolio has historically been associated with a significant volume of security flaws, currently totaling 128 recorded Common Vulnerabilities and Exposures (CVEs). These vulnerabilities predominantly stem from insufficient input validation and sanitization, leading to frequent instances of Remote Code Execution (RCE), Cross-Site Scripting (XSS), and SQL Injection. Additionally, privilege escalation bugs have allowed unauthorized users to gain administrative access, compromising site integrity. While AncoraThemes has implemented security patches for many identified issues, the sheer number of disclosed CVEs highlights systemic challenges in code review processes. Users are advised to exercise caution, ensuring all installed components are updated to the latest secure versions to mitigate potential exploitation risks associated with these legacy and ongoing vulnerabilities.

Top products by AncoraThemes: Impacto Patronus CloudMe Jardi FixTeam Great Lotus Felizia Shaha Honor Woopy SevenHills KindlyCare Coworking Ironfit Parkivia Gustavo UnlimHost Prider Tornados Hobo Pearson Specter Snow Mountain Weedles DiveIt MoveMe Isida Zio Alberto Fooddy Blabber Netmix Yolox
CVE IDTitleCVSSSeverityPublished
CVE-2026-22433 WordPress CloudMe theme <= 1.2.2 - Local File Inclusion vulnerability — CloudMeCWE-98 8.1 High2026-03-05
CVE-2026-22428 WordPress Tooth Fairy theme <= 1.16 - Local File Inclusion vulnerability — Tooth FairyCWE-98 8.1 High2026-03-05
CVE-2026-22431 WordPress Wabi-Sabi theme <= 1.2 - Local File Inclusion vulnerability — Wabi-SabiCWE-98 8.1 High2026-03-05
CVE-2026-22421 WordPress Quantum theme <= 1.0 - Local File Inclusion vulnerability — QuantumCWE-98 8.1 High2026-03-05
CVE-2026-22424 WordPress Shaha theme <= 1.1.2 - Local File Inclusion vulnerability — ShahaCWE-98 8.1 High2026-03-05
CVE-2026-22419 WordPress Honor theme <= 2.3 - Local File Inclusion vulnerability — HonorCWE-98 8.1 High2026-03-05
CVE-2026-22420 WordPress Horizon theme <= 1.1 - Local File Inclusion vulnerability — HorizonCWE-98 8.1 High2026-03-05
CVE-2026-22416 WordPress FixTeam theme <= 1.5.0 - Local File Inclusion vulnerability — FixTeamCWE-98 8.1 High2026-03-05
CVE-2026-22418 WordPress Great Lotus theme <= 1.3.1 - Local File Inclusion vulnerability — Great LotusCWE-98 8.1 High2026-03-05
CVE-2026-22415 WordPress The Mounty theme <= 1.1 - Local File Inclusion vulnerability — The MountyCWE-98 8.1 High2026-03-05
CVE-2026-22380 WordPress UnlimHost theme <= 1.2.3 - Local File Inclusion vulnerability — UnlimHostCWE-98 8.1 High2026-02-20
CVE-2026-22376 WordPress Parkivia theme <= 1.1.9 - Local File Inclusion vulnerability — ParkiviaCWE-98 8.1 High2026-02-20
CVE-2026-22379 WordPress Netmix theme <= 1.0.10 - Local File Inclusion vulnerability — NetmixCWE-98 8.1 High2026-02-20
CVE-2026-22375 WordPress Impacto Patronus theme <= 1.2.3 - Local File Inclusion vulnerability — Impacto PatronusCWE-98 8.1 High2026-02-20
CVE-2026-22378 WordPress Blabber theme <= 1.7.0 - Local File Inclusion vulnerability — BlabberCWE-98 8.1 High2026-02-20
CVE-2026-22377 WordPress Saveo theme <= 1.1.2 - Local File Inclusion vulnerability — SaveoCWE-98 8.1 High2026-02-20
CVE-2026-22374 WordPress Zio Alberto theme <= 1.2.2 - Local File Inclusion vulnerability — Zio AlbertoCWE-98 8.1 High2026-02-20
CVE-2026-22373 WordPress Fooddy theme <= 1.3.10 - Local File Inclusion vulnerability — FooddyCWE-98 8.1 High2026-02-20
CVE-2026-22369 WordPress Ironfit theme <= 1.5 - Local File Inclusion vulnerability — IronfitCWE-98 8.1 High2026-02-20
CVE-2026-22371 WordPress Gustavo theme <= 1.2.2 - Local File Inclusion vulnerability — GustavoCWE-98 8.1 High2026-02-20
CVE-2026-22372 WordPress Isida theme <= 1.4.2 - Local File Inclusion vulnerability — IsidaCWE-98 8.1 High2026-02-20
CVE-2026-22367 WordPress Coworking theme <= 1.6.1 - Local File Inclusion vulnerability — CoworkingCWE-98 8.1 High2026-02-20
CVE-2025-69372 WordPress SevenHills theme <= 1.6.2 - PHP Object Injection vulnerability — SevenHillsCWE-502 9.8 Critical2026-02-20
CVE-2025-69371 WordPress KindlyCare theme <= 1.6.1 - PHP Object Injection vulnerability — KindlyCareCWE-502 9.8 Critical2026-02-20
CVE-2025-69078 WordPress Malta theme <= 1.3.3 - Local File Inclusion vulnerability — MaltaCWE-98 8.1 High2026-01-22
CVE-2025-69076 WordPress Modern Housewife theme <= 1.0.12 - Local File Inclusion vulnerability — Modern HousewifeCWE-98 8.1 High2026-01-22
CVE-2025-69077 WordPress Hobo theme <= 1.0.10 - Local File Inclusion vulnerability — HoboCWE-98 8.1 High2026-01-22
CVE-2025-69073 WordPress Piqes theme <= 1.0.11 - Local File Inclusion vulnerability — PiqesCWE-98 8.1 High2026-01-22
CVE-2025-69074 WordPress Pearson Specter theme <= 1.11.3 - Local File Inclusion vulnerability — Pearson SpecterCWE-98 8.1 High2026-01-22
CVE-2025-69075 WordPress Yolox theme <= 1.0.15 - Local File Inclusion vulnerability — YoloxCWE-98 8.1 High2026-01-22

This page lists every published CVE security advisory associated with AncoraThemes. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.