Browse all 15 CVE security advisories affecting Frenify. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Frenify develops WordPress themes and plugins for website builders, with their products primarily used for creating responsive websites and e-commerce platforms. Historically, their vulnerabilities have commonly included stored cross-site scripting (XSS), remote code execution (RCE), and privilege escalation flaws, often stemming from insufficient input validation and improper access controls. Notable security characteristics include multiple CVEs (15 to date) with several critical RCE vulnerabilities in their themes, allowing attackers to execute arbitrary code on affected servers. These vulnerabilities typically arise from inadequate sanitization of user inputs and improper file handling, posing significant risks to websites using their products.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2026-28076 | WordPress Guff theme <= 1.0.1 - Broken Access Control vulnerability — GuffCWE-862 | 7.5 | High | 2026-03-05 |
This page lists every published CVE security advisory associated with Frenify. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.