RadiusTheme 厂商漏洞列表 / CVE 中文分析 35

RadiusTheme 厂商相关 35 条 CVE 漏洞，含 AI 中文分析、POC、CVSS 评分与受影响产品。

RadiusTheme 主要提供电商主题与插件解决方案，其开源项目核心用途在于构建在线商店界面。历史漏洞统计显示，该厂商产品常存在远程代码执行、跨站脚本及越权访问等高危风险，累计已收录 34 条 CVE。安全方面，部分版本因缺乏严格的输入验证导致数据泄露隐患。建议用户及时更新补丁，并强化服务器配置以缓解潜在攻击面，确保业务环境稳定。

上位製品 RadiusTheme: The Post Grid Classified Listing Radius Blocks ShopBuilder – Elementor WooCommerce Builder Addons Team Testimonial Slider And Showcase Pro Metro Portfolio – WordPress Portfolio Plugin Variation Swatches for WooCommerce Variation Images Gallery for WooCommerce Widget for Google Reviews Medilink-Core Review Schema Testimonial Slider and Showcase

CVEs 35

CVE ID	タイトル	CVSS	深刻度	公開日
CVE-2022-50947	WordPress Plugin Testimonial Slider and Showcase 2.2.6 Stored XSS — Testimonial Slider and ShowcaseCWE-79	6.4	Medium	2026-05-10
CVE-2026-25344	WordPress Review Schema plugin <= 2.2.6 - Sensitive Data Exposure vulnerability — Review SchemaCWE-497	6.5	Medium	2026-03-25
CVE-2026-25026	WordPress Team plugin <= 5.0.11 - Broken Access Control vulnerability — TeamCWE-862	7.5	High	2026-03-25
CVE-2026-32396	WordPress Team plugin <= 5.0.13 - Broken Access Control vulnerability — TeamCWE-862	5.3	Medium	2026-03-13
CVE-2026-32372	WordPress ShopBuilder – Elementor WooCommerce Builder Addons plugin <= 3.2.4 - Sensitive Data Exposure vulnerability — ShopBuilder – Elementor WooCommerce Builder AddonsCWE-497	5.3	Medium	2026-03-13
CVE-2026-32369	WordPress Medilink-Core plugin < 2.0.7 - Local File Inclusion vulnerability — Medilink-CoreCWE-98	7.5	High	2026-03-13
CVE-2026-27383	WordPress Metro theme <= 2.13 - Local File Inclusion vulnerability — MetroCWE-98	8.1	High	2026-03-05
CVE-2026-27382	WordPress Metro theme <= 2.13 - Reflected Cross Site Scripting (XSS) vulnerability — MetroCWE-79	7.1	High	2026-03-05
CVE-2026-23546	WordPress Classified Listing plugin <= 5.3.4 - Sensitive Data Exposure vulnerability — Classified ListingCWE-201	6.5	Medium	2026-03-05
CVE-2025-64282	WordPress Radius Blocks plugin <= 2.2.1 - Insecure Direct Object References (IDOR) vulnerability — Radius BlocksCWE-639	4.3	Medium	2025-12-18
CVE-2025-32657	WordPress Testimonial Slider and Showcase Pro plugin <= 2.1.7 - Local File Inclusion vulnerability — Testimonial Slider And Showcase ProCWE-98	7.5	High	2025-10-22
CVE-2025-57975	WordPress Team Plugin <= 5.0.6 - Broken Access Control Vulnerability — TeamCWE-862	4.3	Medium	2025-09-22
CVE-2025-58601	WordPress Classified Listing Plugin <= 5.0.6 - Broken Access Control Vulnerability — Classified ListingCWE-862	4.3	Medium	2025-09-03
CVE-2025-53565	WordPress Widget for Google Reviews <= 1.0.15 - Local File Inclusion Vulnerability — Widget for Google ReviewsCWE-98	8.1	High	2025-08-20
CVE-2025-54698	WordPress Classified Listing Plugin plugin <= 5.0.0 - Content Injection Vulnerability — Classified ListingCWE-80	5.4	Medium	2025-08-14
CVE-2025-52715	WordPress Classified Listing plugin <= 4.2.0 - Local File Inclusion Vulnerability — Classified ListingCWE-98	7.5	High	2025-06-20
CVE-2025-24745	WordPress Classified Listing plugin <= 4.0.1 - Reflected Cross Site Scripting (XSS) vulnerability — Classified ListingCWE-79	7.1	High	2025-04-17
CVE-2025-32656	WordPress Testimonial Slider and Showcase Pro plugin <= 2.3.15 - Local File Inclusion vulnerability — Testimonial Slider And Showcase ProCWE-98	8.1	High	2025-04-11
CVE-2025-32159	WordPress Radius Blocks plugin <= 2.2.1 - Local File Inclusion vulnerability — Radius BlocksCWE-98	7.5	High	2025-04-04
CVE-2025-30814	WordPress The Post Grid plugin <= 7.7.17 - Local File Inclusion vulnerability — The Post GridCWE-98	7.5	High	2025-03-27
CVE-2025-24712	WordPress Radius Blocks – WordPress Gutenberg Blocks Plugin <= 2.1.2 - Cross Site Request Forgery (CSRF) vulnerability — Radius BlocksCWE-352	5.4	Medium	2025-01-24
CVE-2024-54272	WordPress Radius Blocks plugin <= 2.1.2 - Cross Site Scripting (XSS) vulnerability — Radius BlocksCWE-79	6.5	Medium	2024-12-13
CVE-2024-52386	WordPress Classified Listing plugin <= 3.1.16 - Local File Inclusion vulnerability — Classified ListingCWE-98	5.3	Medium	2024-11-16
CVE-2024-37482	WordPress The Post Grid plugin <= 7.7.4 - Broken Access Control vulnerability — The Post GridCWE-862	4.3	Medium	2024-11-01
CVE-2024-37481	WordPress The Post Grid plugin <= 7.7.4 - Broken Access Control vulnerability — The Post GridCWE-862	6.5	Medium	2024-11-01
CVE-2024-37483	WordPress The Post Grid plugin <= 7.7.4 - Broken Access Control vulnerability — The Post GridCWE-862	5.4	Medium	2024-11-01
CVE-2024-37520	WordPress ShopBuilder – Elementor WooCommerce Builder Addons plugin <= 2.1.12 - Local File Inclusion vulnerability — ShopBuilder – Elementor WooCommerce Builder AddonsCWE-98	6.5	Medium	2024-07-09
CVE-2024-35739	WordPress The Post Grid plugin <= 7.7.1 - Cross Site Scripting (XSS) vulnerability — The Post GridCWE-79	6.5	Medium	2024-06-08
CVE-2024-34812	WordPress ShopBuilder plugin <= 2.1.8 - Sensitive Data Exposure vulnerability — ShopBuilder – Elementor WooCommerce Builder AddonsCWE-201	5.3	Medium	2024-05-13
CVE-2023-39923	WordPress The Post Grid Plugin <= 7.2.7 is vulnerable to Cross Site Request Forgery (CSRF) — The Post GridCWE-352	5.4	Medium	2023-10-03

本页汇总了 RadiusTheme 厂商截至目前公开的全部 35 条 CVE 漏洞。每条漏洞均包含 CVSS 评分、CWE 弱点分类、受影响产品与参考链接，并附带 AI 生成的中文分析以便快速判断风险。

目標達成 すべての支援者に感謝 — 100%達成しました！

RadiusTheme 厂商漏洞列表 / CVE 中文分析 35

目標達成すべての支援者に感謝 — 100%達成しました！