Browse all 4 CVE security advisories affecting Olive Themes. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Olive Themes develops WordPress themes and website templates for small businesses and bloggers. Historically, their products have been vulnerable to multiple security issues including remote code execution, cross-site scripting, and privilege escalation vulnerabilities. The company currently has four CVEs on record, primarily related to insufficient input validation and improper access controls. While no major public security incidents have been documented, the consistent pattern of vulnerabilities in their themes suggests potential risks for users who fail to promptly update to patched versions. Their themes' widespread use increases potential attack surfaces, making regular security updates critical for maintaining website integrity.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2024-38749 | WordPress Olive One Click Demo Import plugin <= 1.1.2 - Sensitive Data Exposure vulnerability — Olive One Click Demo ImportCWE-200 | 5.3 | Medium | 2024-08-13 |
| CVE-2024-32715 | WordPress Olive One Click Demo Import plugin <= 1.1.1 - Arbitrary File Download vulnerability — Olive One Click Demo ImportCWE-862 | 7.5 | High | 2024-06-09 |
| CVE-2024-2702 | WordPress Olive One Click Demo Import plugin <= 1.1.1 - Broken Access Control vulnerability — Olive One Click Demo ImportCWE-862 | 8.2 | High | 2024-03-20 |
| CVE-2023-29102 | WordPress Olive One Click Demo Import Plugin <= 1.1.1 is vulnerable to Arbitrary File Upload — Olive One Click Demo ImportCWE-434 | 9.1 | Critical | 2023-12-20 |
This page lists every published CVE security advisory associated with Olive Themes. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.