Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Detheme — Vulnerabilities & Security Advisories 13

Browse all 13 CVE security advisories affecting Detheme. AI-powered Chinese analysis, POCs, and references for each vulnerability.

deTheme is a WordPress theme provider offering customizable templates for websites. Historically, the platform has been susceptible to multiple security vulnerabilities, including remote code execution (RCE), cross-site scripting (XSS), and privilege escalation flaws. With 13 CVEs recorded, these issues often stem from insufficient input validation and improper access controls. Notable characteristics include vulnerabilities in theme options and shortcode implementations that could allow attackers to compromise affected sites. While no major public incidents have been widely documented, the consistent pattern of security issues suggests that proper hardening and regular updates are essential for users maintaining deTheme-powered websites.

Top products by Detheme: DethemeKit For Elementor Easy Guide
CVE IDTitleCVSSSeverityPublished
CVE-2025-57995 WordPress DethemeKit For Elementor Plugin <= 2.1.10 - Broken Access Control Vulnerability — DethemeKit For ElementorCWE-862 4.3 Medium2025-09-22
CVE-2025-46460 WordPress Easy Guide plugin <= 1.0.0 - SQL Injection Vulnerability — Easy GuideCWE-89 9.3 Critical2025-05-23
CVE-2025-32260 WordPress DethemeKit For Elementor plugin <= 2.1.10 - Broken Access Control vulnerability — DethemeKit For ElementorCWE-862 5.3 Medium2025-04-10
CVE-2025-1526 DethemeKit for Elementor <= 2.1.9 - Authenticated (Contributor+) Stored Cross-Site Scripting — DethemeKit for ElementorCWE-79 6.4 Medium2025-03-14
CVE-2025-26772 WordPress DethemeKit For Elementor plugin <= 2.1.8 - Cross Site Scripting (XSS) vulnerability — DethemeKit For ElementorCWE-79 6.5 Medium2025-02-17
CVE-2025-0661 DethemeKit For Elementor <= 2.1.8 - Authenticated (Contributor+) Protected Post Disclosure — DethemeKit for ElementorCWE-639 4.3 Medium2025-02-13
CVE-2024-13644 DethemeKit For Elementor <= 2.1.8 - Authenticated (Contributor+) Stored Cross-Site Scripting via De Gallery Widget — DethemeKit for ElementorCWE-79 6.4 Medium2025-02-13
CVE-2024-47632 WordPress DethemeKit For Elementor plugin <= 2.1.7 - Cross Site Scripting (XSS) vulnerability — DethemeKit For ElementorCWE-79 6.5 Medium2024-10-05
CVE-2024-6283 DethemeKit For Elementor <= 2.1.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via URL Parameter of the De Gallery Widget — DethemeKit for ElementorCWE-79 5.4 Medium2024-06-27
CVE-2024-5418 DethemeKit For Elementor <= 2.1.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via slitems Attribute — DethemeKit for ElementorCWE-79 6.4 Medium2024-05-31
CVE-2024-4374 DethemeKit For Elementor <= 2.1.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via Multiple Widgets — DethemeKit for ElementorCWE-79 6.4 Medium2024-05-18
CVE-2024-34575 WordPress DethemeKit For Elementor plugin <= 2.1.2 - Cross Site Scripting (XSS) vulnerability — DethemeKit For ElementorCWE-79 6.5 Medium2024-05-17
CVE-2024-32508 WordPress DethemeKit For Elementor plugin <= 2.0.2 - Cross Site Scripting (XSS) vulnerability — DethemeKit For ElementorCWE-79 6.5 Medium2024-04-17

This page lists every published CVE security advisory associated with Detheme. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.