Browse all 4 CVE security advisories affecting Elegant Themes. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Elegant Themes develops WordPress themes and plugins, primarily for website design and functionality. Historically, their products have faced vulnerabilities including remote code execution, cross-site scripting, and privilege escalation, often stemming from insufficient input validation and access control issues. The company maintains multiple CVE records, with some instances allowing attackers to execute arbitrary code or compromise administrative accounts. While no major public security incidents have been widely documented, their history of vulnerabilities highlights the importance of regular updates and careful implementation. Their extensive user base makes security maintenance critical, as unpatched installations could expose numerous websites to potential exploitation.

| CVE ID | Title | Product | CWE | CVSS | Severity | Published |
|---|---|---|---|---|---|---|
| CVE-2024-5533 | Divi <= 4.25.1 - Authenticated (Contributor+) Stored Cross-Site Scripting | Divi | CWE-20 | 6.4 | Medium | 2024-06-18 |
| CVE-2024-4490 | Elegant Themes Divi Theme, Extra Theme, Divi Page Builder <= 4.25.0 - Authenticated (Contributor+) DOM-Based Stored Cross-Site Scripting | Divi Builder | CWE-79 | 6.4 | Medium | 2024-05-10 |
| CVE-2023-6744 | Divi <= 4.23.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode | Divi | CWE-79 | 6.4 | Medium | 2023-12-23 |
| CVE-2023-29099 | WordPress Divi Theme <= 4.20.2 is vulnerable to Cross Site Scripting (XSS) | Divi | CWE-79 | 6.5 | Medium | 2023-08-08 |

This page lists every published CVE security advisory associated with Elegant Themes. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.