Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

BZOTheme — Vulnerabilities & Security Advisories 9

Browse all 9 CVE security advisories affecting BZOTheme. AI-powered Chinese analysis, POCs, and references for each vulnerability.

BZOTheme develops WordPress themes and website templates for small businesses and personal blogs. Historically, the company's products have been vulnerable to multiple remote code execution (RCE) and cross-site scripting (XSS) flaws, often stemming from insufficient input validation and improper sanitization. Several privilege escalation vulnerabilities have also been documented, allowing unauthorized access to administrative functions. With nine CVEs on record, BZOTheme's security track record shows recurring issues in file handling and user permissions, though no major public security incidents have been widely reported. The vulnerabilities typically stem from outdated code practices and inadequate security reviews in theme development.

Top products by BZOTheme: Fitrush GiftXtore Petito CraftXtore Zagg - Electronics & Accessories WooCommerce WordPress Theme PrintXtore Zenny Monki Mella
CVE IDTitleCVSSSeverityPublished
CVE-2025-67616 WordPress Mella theme <= 1.2.29 - Local File Inclusion vulnerability — MellaCWE-98 8.1 High2026-01-22
CVE-2025-53436 WordPress Monki theme <= 2.0.5 - Local File Inclusion vulnerability — MonkiCWE-98 8.1 High2025-12-18
CVE-2025-24769 WordPress Zenny theme <= 1.7.5 - Local File Inclusion Vulnerability — ZennyCWE-98 8.1 High2025-06-27
CVE-2025-28946 WordPress PrintXtore theme < 1.7.8 - Local File Inclusion vulnerability — PrintXtoreCWE-98 8.1 High2025-06-27
CVE-2025-4200 Zagg - Electronics & Accessories WooCommerce WordPress Theme <= 1.4.1 - Unauthenticated Local File Inclusion — Zagg - Electronics & Accessories WooCommerce WordPress ThemeCWE-98 8.1 High2025-06-14
CVE-2023-26005 WordPress Fitrush <= 1.3.4 - Local File Inclusion Vulnerability — FitrushCWE-98 8.1 High2025-06-09
CVE-2025-24770 WordPress CraftXtore theme <= 1.7 - Local File Inclusion Vulnerability — CraftXtoreCWE-98 8.1 High2025-06-09
CVE-2025-27362 WordPress Petito theme < 1.6.6 - Local File Inclusion vulnerability — PetitoCWE-98 8.1 High2025-06-09
CVE-2025-28888 WordPress GiftXtore theme < 1.7.7 - Local File Inclusion vulnerability — GiftXtoreCWE-98 8.1 High2025-06-09

This page lists every published CVE security advisory associated with BZOTheme. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.