Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

BuddhaThemes — Vulnerabilities & Security Advisories 5

Browse all 5 CVE security advisories affecting BuddhaThemes. AI-powered Chinese analysis, POCs, and references for each vulnerability.

BuddhaThemes develops WordPress themes and plugins for website building, with five CVEs recorded in its history. The company's products have historically been vulnerable to cross-site scripting (XSS) and remote code execution (RCE) flaws, often stemming from insufficient input validation and improper sanitization. Security researchers have identified persistent issues with file permissions and authentication mechanisms, leading to privilege escalation risks. While no major public security incidents have been documented, the consistent pattern of vulnerabilities in their codebase suggests ongoing challenges in secure development practices. Users are advised to maintain updated versions and implement additional security layers when using BuddhaThemes products.

Top products by BuddhaThemes: WeDesignTech Ultimate Booking Addon HYDRO Lizza LMS Pro ColorFolio - Freelance Designer WordPress Theme
CVE IDTitleCVSSSeverityPublished
CVE-2026-27096 WordPress ColorFolio - Freelance Designer WordPress Theme theme <= 1.3 - Deserialization of untrusted data vulnerability — ColorFolio - Freelance Designer WordPress ThemeCWE-502 8.1 High2026-03-19
CVE-2025-69340 WordPress WeDesignTech Ultimate Booking Addon plugin <= 1.0.3 - Broken Access Control vulnerability — WeDesignTech Ultimate Booking AddonCWE-862 7.5 High2026-03-05
CVE-2025-13563 Lizza LMS Pro <= 1.0.3 - Unauthenticated Privilege Escalation — Lizza LMS ProCWE-269 9.8 Critical2026-02-19
CVE-2025-69341 WordPress WeDesignTech Ultimate Booking Addon plugin <= 1.0.3 - Broken Access Control vulnerability — WeDesignTech Ultimate Booking AddonCWE-862 5.4 Medium2026-01-06
CVE-2025-31428 WordPress HYDRO theme <= 2.8 - Reflected Cross Site Scripting (XSS) vulnerability — HYDROCWE-79 7.1 High2025-06-27

This page lists every published CVE security advisory associated with BuddhaThemes. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.