Browse all 31 CVE security advisories affecting Elated-Themes. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Elated-Themes operates as a software vendor specializing in digital themes and plugins, primarily targeting content management systems. Historical security audits reveal a pattern of critical vulnerabilities, with thirty-one Common Vulnerabilities and Exposures (CVEs) currently documented. The most prevalent flaw types include Remote Code Execution (RCE), Cross-Site Scripting (XSS), and Privilege Escalation, indicating systemic weaknesses in input validation and access control mechanisms. These defects often stem from insufficient sanitization of user-supplied data and improper handling of administrative functions. While specific major incidents involving widespread exploitation are not explicitly detailed in public records, the high volume of disclosed CVEs suggests a consistent history of security lapses. This profile highlights the necessity for rigorous code review and proactive patch management to mitigate the inherent risks associated with the vendor’s software ecosystem.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2026-24971 | WordPress Search & Go theme <= 2.8 - Privilege Escalation vulnerability — Search & GoCWE-266 | 9.8 | Critical | 2026-03-25 |
| CVE-2025-69005 | WordPress Search & Go theme <= 2.8 - Local File Inclusion vulnerability — Search & GoCWE-98 | 8.1 | High | 2026-01-22 |
| CVE-2025-62064 | WordPress Search & Go theme <= 2.7 - Broken Authentication vulnerability — Search & GoCWE-288 | 9.8 | Critical | 2025-11-06 |
This page lists every published CVE security advisory associated with Elated-Themes. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.