Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Jewel Theme — Vulnerabilities & Security Advisories 10

Browse all 10 CVE security advisories affecting Jewel Theme. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Jewel Theme is a WordPress theme primarily used for creating e-commerce and business websites. Historically, it has been susceptible to multiple remote code execution (RCE) vulnerabilities, cross-site scripting (XSS), and privilege escalation flaws, with 10 CVEs recorded. Security researchers have identified issues related to insufficient input validation and improper access controls. While no major public incidents have been widely documented, the consistent pattern of vulnerabilities suggests potential risks for unpatched installations. Users are advised to maintain updated versions and implement additional security measures to mitigate potential exploitation risks associated with this theme's security track record.

Top products by Jewel Theme: Master Addons for Elementor WP Adminify Master Addons for Elementor Premium
CVE IDTitleCVSSSeverityPublished
CVE-2026-3132 Master Addons for Elementor Premium <= 2.1.3 - Authenticated (Subscriber+) Remote Code Execution via render_preview — Master Addons for Elementor PremiumCWE-94 8.8 High2026-03-02
CVE-2023-40679 WordPress Master Elementor Addons plugin <= 2.0.5.3 - Broken Access Control vulnerability — Master Addons for ElementorCWE-862 6.5 Medium2025-12-24
CVE-2024-38710 WordPress Master Addons – Free Widgets, Hover Effects, Toggle, Conditions, Animations for Elementor plugin <= 2.0.6.2 - Cross Site Scripting (XSS) vulnerability — Master Addons for ElementorCWE-79 5.9 Medium2024-07-20
CVE-2024-35660 WordPress Master Addons for Elementor plugin <= 2.0.5.4.1 - Broken Access Control on API vulnerability — Master Addons for ElementorCWE-862 6.5 Medium2024-06-09
CVE-2024-35688 WordPress Master Addons for Elementor plugin <= 2.0.5.9 - Cross Site Scripting (XSS) vulnerability — Master Addons for ElementorCWE-79 6.5 Medium2024-06-08
CVE-2024-35702 WordPress Master Addons for Elementor plugin <= 2.0.6.0 - Cross Site Scripting (XSS) vulnerability — Master Addons for ElementorCWE-79 6.5 Medium2024-06-08
CVE-2024-33595 WordPress Master Addons for Elementor plugin <= 2.0.5.4.1 - Broken Access Control on Duplicate Post vulnerability — Master Addons for ElementorCWE-862 4.3 Medium2024-04-29
CVE-2024-29911 WordPress Master Addons for Elementor plugin <= 2.0.5.4.1 - Cross Site Scripting (XSS) vulnerability — Master Addons for ElementorCWE-79 6.5 Medium2024-03-27
CVE-2023-52132 WordPress WP Adminify Plugin <= 3.1.6 is vulnerable to SQL Injection — WP AdminifyCWE-89 7.6 High2023-12-31
CVE-2023-44266 WordPress WP Adminify Plugin <= 3.1.6 is vulnerable to Cross Site Scripting (XSS) — WP AdminifyCWE-79 5.9 Medium2023-10-02

This page lists every published CVE security advisory associated with Jewel Theme. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.