Browse all 13 CVE security advisories affecting Edge-Themes. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Edge-Themes develops WordPress themes and templates for website customization, with 13 CVEs recorded to date. Historically, vulnerabilities have included remote code execution, cross-site scripting, and privilege escalation, often stemming from insufficient input validation and insecure direct object references. Security researchers have identified consistent patterns in their codebase, particularly in theme options and file handling mechanisms. While no major public security incidents have been widely reported, the accumulation of CVEs suggests ongoing security challenges in their development practices. Their themes' widespread adoption increases potential impact, making regular security updates and careful implementation crucial for users.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-62868 | WordPress Edge CPT plugin <= 1.4 - Local File Inclusion vulnerability — Edge CPTCWE-98 | 8.1 | High | 2025-10-24 |
| CVE-2025-49889 | WordPress Edge CPT plugin <= 1.4 - Local File Inclusion vulnerability — Edge CPTCWE-98 | 8.1 | High | 2025-08-20 |
This page lists every published CVE security advisory associated with Edge-Themes. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.