Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

LiquidThemes — Vulnerabilities & Security Advisories 7

Browse all 7 CVE security advisories affecting LiquidThemes. AI-powered Chinese analysis, POCs, and references for each vulnerability.

LiquidThemes develops WordPress themes and website templates for businesses and content creators. Historically, their products have been vulnerable to multiple security issues including remote code execution, cross-site scripting, and privilege escalation vulnerabilities, with seven CVEs documented. These weaknesses often stem from insufficient input validation and improper access controls in theme files. While no major public security incidents have been widely reported, the consistent pattern of vulnerabilities suggests a need for improved security practices in their development lifecycle. Users should maintain regular updates and implement additional security measures to mitigate potential risks when using these themes.

Top products by LiquidThemes: AI Hub - Startup & Technology WordPress Theme AI Hub LogisticsHub AI Engine for WordPress: ChatGPT, GPT Content Generator Hub Core Ave Core
CVE IDTitleCVSSSeverityPublished
CVE-2026-25460 WordPress Ave Core plugin <= 2.9.1 - Broken Access Control vulnerability — Ave CoreCWE-862 6.3 Medium2026-03-25
CVE-2025-68065 WordPress Hub Core plugin <= 5.0.8 - Local File Inclusion vulnerability — Hub CoreCWE-98 7.5 High2025-12-16
CVE-2025-13380 AI Engine for WordPress: ChatGPT, GPT Content Generator <= 1.0.1 - Authenticated (Contributor+) Arbitrary File Read — AI Engine for WordPress: ChatGPT, GPT Content GeneratorCWE-73 6.5 Medium2025-11-25
CVE-2025-0951 LiquidThemes Themes <= Various Versions - Missing Authorization to Authenticated (Subscriber+) All Plugins Deactivated — AI Hub - Startup & Technology WordPress ThemeCWE-862 4.3 Medium2025-08-28
CVE-2025-30933 WordPress LogisticsHub theme <= 1.1.6 - Arbitrary File Upload Vulnerability — LogisticsHubCWE-434 10.0 Critical2025-07-04
CVE-2025-1093 AIHub <= 1.3.7 - Unauthenticated Arbitrary File Upload in generate_image — AI Hub - Startup & Technology WordPress ThemeCWE-434 9.8 Critical2025-04-19
CVE-2025-26927 WordPress AI Hub plugin <= 1.3.7 - Arbitrary File Upload vulnerability — AI HubCWE-434 10.0 Critical2025-04-15

This page lists every published CVE security advisory associated with LiquidThemes. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.