Browse all 8 CVE security advisories affecting Ex-Themes. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Ex-Themes develops WordPress themes and templates for website creation, with a core use case of providing customizable designs for blogs and business sites. Historically, the company's products have frequently contained vulnerabilities including remote code execution, cross-site scripting, and privilege escalation issues, often stemming from insufficient input validation and insecure direct object references. With 8 CVEs on record, Ex-Themes has faced scrutiny for recurring security flaws in its themes, which if exploited, could allow attackers to compromise websites, steal data, or gain unauthorized administrative access. The pattern of vulnerabilities suggests ongoing challenges in secure coding practices and regular security testing.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-60121 | WordPress WooEvents plugin <= 4.1.7 - Broken Access Control vulnerability — WooEventsCWE-862 | 5.3 | Medium | 2025-09-26 |
This page lists every published CVE security advisory associated with Ex-Themes. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.