Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Apollo13Themes — Vulnerabilities & Security Advisories 11

Browse all 11 CVE security advisories affecting Apollo13Themes. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Apollo13Themes develops WordPress themes and plugins for website design and functionality. Historically, their products have frequently contained remote code execution (RCE), cross-site scripting (XSS), and privilege escalation vulnerabilities, often stemming from insufficient input validation and improper access controls. The 11 CVEs on record indicate a pattern of security shortcomings, with multiple instances allowing attackers to execute arbitrary code, steal session cookies, or gain elevated privileges. While no major public security incidents have been widely reported, the consistent discovery of vulnerabilities suggests ongoing security challenges that require improved development practices and regular security audits to mitigate risks for end users.

Top products by Apollo13Themes: Apollo13 Framework Extensions Rife Free Rife Extensions & Templates for Elementor Rife Elementor Extensions & Templates
CVE IDTitleCVSSSeverityPublished
CVE-2025-13617 Apollo13 Framework Extension <= 1.9.8 - Authenticated (Contributor+) Stored Cross-Site Scripting via `a13_alt_link` Parameter — Apollo13 Framework ExtensionsCWE-79 6.4 Medium2026-02-19
CVE-2024-13564 Rife Elementor Extensions & Templates <= 1.2.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via Writing Effect Headline Shortcode — Rife Extensions & Templates for ElementorCWE-79 6.4 Medium2025-02-22
CVE-2024-37491 WordPress Rife Free theme <= 2.4.18 - Cross Site Request Forgery (CSRF) vulnerability — Rife FreeCWE-352 4.3 Medium2025-01-02
CVE-2023-25959 WordPress Apollo13 Framework Extensions plugin <= 1.8.10 - Broken Access Control — Apollo13 Framework ExtensionsCWE-862 5.4 Medium2024-12-09
CVE-2023-27454 WordPress Rife Elementor Extensions & Templates plugin <= 1.1.10 - Broken Access Control vulnerability — Rife Elementor Extensions & TemplatesCWE-862 5.4 Medium2024-12-09
CVE-2024-37480 WordPress Apollo13 Framework Extensions plugin <= 1.9.3 - Cross Site Scripting (XSS) vulnerability — Apollo13 Framework ExtensionsCWE-79 6.5 Medium2024-07-21
CVE-2024-5504 Rife Elementor Extensions & Templates <= 1.2.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Writing Effect Headline Widget — Rife Extensions & Templates for ElementorCWE-79 6.4 Medium2024-07-02
CVE-2024-35708 WordPress Rife Free theme <= 2.4.19 - Cross Site Scripting (XSS) vulnerability — Rife FreeCWE-79 6.5 Medium2024-06-08
CVE-2024-24880 WordPress Apollo13 Framework Extensions Plugin <= 1.9.2 is vulnerable to Cross Site Scripting (XSS) — Apollo13 Framework ExtensionsCWE-79 6.5 Medium2024-02-08
CVE-2023-51539 WordPress Apollo13 Framework Extensions Plugin <= 1.9.1 is vulnerable to Cross Site Request Forgery (CSRF) — Apollo13 Framework ExtensionsCWE-352 5.4 Medium2024-01-05
CVE-2023-47190 WordPress Apollo13 Framework Extensions Plugin <= 1.9.0 is vulnerable to Cross Site Scripting (XSS) — Apollo13 Framework ExtensionsCWE-79 6.5 Medium2023-11-08

This page lists every published CVE security advisory associated with Apollo13Themes. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.