Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

ApusTheme — Vulnerabilities & Security Advisories 17

Browse all 17 CVE security advisories affecting ApusTheme. AI-powered Chinese analysis, POCs, and references for each vulnerability.

ApusTheme develops WordPress themes and plugins for website building, with 17 CVEs recorded primarily involving remote code execution, cross-site scripting, and privilege escalation vulnerabilities. Historically, their products have contained insufficient input validation and authentication flaws, allowing attackers to execute unauthorized commands or compromise user accounts. While no major public security incidents have been widely documented, the consistent pattern of vulnerabilities across their portfolio indicates potential systemic issues in secure coding practices. Users should implement strict access controls and regular updates to mitigate risks associated with these recurring security weaknesses in their theme ecosystem.

Top products by ApusTheme: Butcher Findgo Apus Framework Campress Yozi Ogami Capie WP Freeio ITok Famita WP CarDealer Greenorganic Drone Homeo Freeio
CVE IDTitleCVSSSeverityPublished
CVE-2026-39679 WordPress Freeio theme <= 1.3.21 - Local File Inclusion vulnerability — FreeioCWE-98 7.5 High2026-04-08
CVE-2026-39681 WordPress Homeo theme <= 1.2.59 - Local File Inclusion vulnerability — HomeoCWE-98 7.5 High2026-04-08
CVE-2025-49249 WordPress Drone theme <= 1.40 - Reflected Cross Site Scripting (XSS) vulnerability — DroneCWE-79 7.1 High2026-01-22
CVE-2025-53437 WordPress Greenorganic theme <= 2.45 - Local File Inclusion vulnerability — GreenorganicCWE-98 8.1 High2025-12-18
CVE-2025-13764 WP CarDealer <= 1.2.16 - Unauthenticated Privilege Escalation — WP CarDealerCWE-269 9.8 Critical2025-12-11
CVE-2025-62014 WordPress ITok theme <= 1.1.42 - Local File Inclusion vulnerability — ITokCWE-98 8.1 High2025-11-06
CVE-2025-62010 WordPress Famita theme <= 1.54 - Local File Inclusion vulnerability — FamitaCWE-98 8.1 High2025-11-06
CVE-2025-11533 WP Freeio <= 1.2.21 - Unauthenticated Privilege Escalation — WP FreeioCWE-269 9.8 Critical2025-10-11
CVE-2025-58250 WordPress Findgo Theme <= 1.3.55 - Cross Site Request Forgery (CSRF) Vulnerability — FindgoCWE-352 8.8 High2025-09-22
CVE-2025-53587 WordPress Findgo Theme <= 1.3.57 - Cross Site Request Forgery (CSRF) Vulnerability — FindgoCWE-352 8.8 High2025-08-14
CVE-2025-31060 WordPress Capie theme <= 1.0.40 - Local File Inclusion Vulnerability — CapieCWE-98 8.1 High2025-05-23
CVE-2025-31913 WordPress Ogami theme <= 1.53 - Local File Inclusion Vulnerability — OgamiCWE-98 8.1 High2025-05-23
CVE-2025-32285 WordPress Butcher theme < 2.54 - Cross Site Scripting (XSS) vulnerability — ButcherCWE-79 7.1 High2025-05-23
CVE-2025-32289 WordPress Yozi theme <= 2.0.63 - Local File Inclusion Vulnerability — YoziCWE-98 8.1 High2025-05-23
CVE-2025-32286 WordPress Butcher theme <= 2.40 - Local File Inclusion Vulnerability — ButcherCWE-98 8.1 High2025-05-23
CVE-2024-10763 Campress <= 1.35 - Unauthenticated Local File Inclusion — CampressCWE-22 9.8 Critical2025-02-13
CVE-2024-12296 Apus Framework <= 2.4 - Authenticated (Subscriber+) Arbitrary Options Update in import_page_options — Apus FrameworkCWE-862 8.8 High2025-02-12

This page lists every published CVE security advisory associated with ApusTheme. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.