Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

AncoraThemes — Vulnerabilities & Security Advisories 128

Browse all 128 CVE security advisories affecting AncoraThemes. AI-powered Chinese analysis, POCs, and references for each vulnerability.

AncoraThemes operates as a digital marketplace specializing in WordPress themes and plugins, catering primarily to web developers and small business owners seeking pre-built website solutions. The company’s extensive portfolio has historically been associated with a significant volume of security flaws, currently totaling 128 recorded Common Vulnerabilities and Exposures (CVEs). These vulnerabilities predominantly stem from insufficient input validation and sanitization, leading to frequent instances of Remote Code Execution (RCE), Cross-Site Scripting (XSS), and SQL Injection. Additionally, privilege escalation bugs have allowed unauthorized users to gain administrative access, compromising site integrity. While AncoraThemes has implemented security patches for many identified issues, the sheer number of disclosed CVEs highlights systemic challenges in code review processes. Users are advised to exercise caution, ensuring all installed components are updated to the latest secure versions to mitigate potential exploitation risks associated with these legacy and ongoing vulnerabilities.

Top products by AncoraThemes: Impacto Patronus CloudMe Jardi FixTeam Great Lotus Felizia Shaha Honor Woopy SevenHills KindlyCare Coworking Ironfit Parkivia Gustavo UnlimHost Prider Tornados Hobo Pearson Specter Snow Mountain Weedles DiveIt MoveMe Isida Zio Alberto Fooddy Blabber Netmix Yolox
CVE IDTitleCVSSSeverityPublished
CVE-2025-69071 WordPress TanTum theme <= 1.1.13 - Local File Inclusion vulnerability — TanTumCWE-98 8.1 High2026-01-22
CVE-2025-69067 WordPress Tails theme <= 1.4.12 - Local File Inclusion vulnerability — TailsCWE-98 8.1 High2026-01-22
CVE-2025-69068 WordPress Muji theme <= 1.2.0 - Local File Inclusion vulnerability — MujiCWE-98 8.1 High2026-01-22
CVE-2025-69070 WordPress Tornados theme <= 2.1 - Local File Inclusion vulnerability — TornadosCWE-98 8.1 High2026-01-22
CVE-2025-69072 WordPress Prider theme <= 1.1.3.1 - Local File Inclusion vulnerability — PriderCWE-98 8.1 High2026-01-22
CVE-2025-69066 WordPress Indoor Plants theme <= 1.2.7 - Local File Inclusion vulnerability — Indoor PlantsCWE-98 8.1 High2026-01-22
CVE-2025-69064 WordPress Pets Land theme <= 1.2.8 - Local File Inclusion vulnerability — Pets LandCWE-98 8.1 High2026-01-22
CVE-2025-69065 WordPress Snow Mountain theme <= 1.4.3 - Local File Inclusion vulnerability — Snow MountainCWE-98 8.1 High2026-01-22
CVE-2025-69062 WordPress Weedles theme <= 1.1.12 - Local File Inclusion vulnerability — WeedlesCWE-98 8.1 High2026-01-22
CVE-2025-69060 WordPress uReach theme <= 1.3.3 - Local File Inclusion vulnerability — uReachCWE-98 8.1 High2026-01-22
CVE-2025-69058 WordPress PartyMaker theme <= 1.1.15 - Local File Inclusion vulnerability — PartyMakerCWE-98 8.1 High2026-01-22
CVE-2025-69059 WordPress DiveIt theme <= 1.4.3 - Local File Inclusion vulnerability — DiveItCWE-98 8.1 High2026-01-22
CVE-2025-69061 WordPress MoveMe theme <= 1.2.15 - Local File Inclusion vulnerability — MoveMeCWE-98 8.1 High2026-01-22
CVE-2025-6326 WordPress Inset theme <= 1.18.0 - Local File Inclusion Vulnerability — InsetCWE-98 8.1 High2025-12-18
CVE-2025-60057 WordPress DJ Rainflow theme <= 1.3.13 - Local File Inclusion vulnerability — DJ RainflowCWE-98 8.1 High2025-12-18
CVE-2025-60055 WordPress Fabrica theme <= 1.8.1 - Local File Inclusion vulnerability — FabricaCWE-98 8.1 High2025-12-18
CVE-2025-60054 WordPress OnLeash theme <= 1.5.2 - Local File Inclusion vulnerability — OnLeashCWE-98 8.1 High2025-12-18
CVE-2025-60058 WordPress DetailX theme <= 1.10.0 - Local File Inclusion vulnerability — DetailXCWE-98 8.1 High2025-12-18
CVE-2025-60056 WordPress Winger theme <= 1.0.16 - Local File Inclusion vulnerability — WingerCWE-98 8.1 High2025-12-18
CVE-2025-60053 WordPress MaxCube theme <= 1.3.1 - Local File Inclusion vulnerability — MaxCubeCWE-98 8.1 High2025-12-18
CVE-2025-60052 WordPress W&D theme <= 1.0 - Local File Inclusion vulnerability — W&DCWE-98 8.1 High2025-12-18
CVE-2025-60051 WordPress Rare Radio theme <= 1.0.15.1 - Local File Inclusion vulnerability — Rare RadioCWE-98 8.1 High2025-12-18
CVE-2025-60044 WordPress Fribbo theme <= 1.1.0 - Local File Inclusion vulnerability — FribboCWE-98 8.1 High2025-12-18
CVE-2025-60042 WordPress Chinchilla theme <= 1.16 - Local File Inclusion vulnerability — ChinchillaCWE-98 8.1 High2025-12-18
CVE-2025-60043 WordPress Wanderic theme <= 1.0.10 - Local File Inclusion vulnerability — WandericCWE-98 8.1 High2025-12-18
CVE-2025-58900 WordPress UniTravel theme <= 1.4.2 - Local File Inclusion vulnerability — UniTravelCWE-98 8.1 High2025-12-18
CVE-2025-58901 WordPress Takeout theme <= 1.3.0 - Local File Inclusion vulnerability — TakeoutCWE-98 8.1 High2025-12-18
CVE-2025-58899 WordPress Frame theme <= 2.4.0 - Local File Inclusion vulnerability — FrameCWE-98 8.1 High2025-12-18
CVE-2025-58898 WordPress HealthHub theme <= 1.3.0 - Local File Inclusion vulnerability — HealthHubCWE-98 8.1 High2025-12-18
CVE-2025-58895 WordPress Integro theme <= 1.8.0 - Local File Inclusion vulnerability — IntegroCWE-98 8.1 High2025-12-18

This page lists every published CVE security advisory associated with AncoraThemes. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.