Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

RadiusTheme — Vulnerabilities & Security Advisories 35

Browse all 35 CVE security advisories affecting RadiusTheme. AI-powered Chinese analysis, POCs, and references for each vulnerability.

RadiusTheme operates as a software development entity primarily focused on creating WordPress themes and plugins for e-commerce and business websites. Despite its commercial focus, the company has been associated with a significant number of security flaws, currently totaling 34 recorded Common Vulnerabilities and Exposures (CVEs). The vulnerabilities frequently exploited in their products typically involve Cross-Site Scripting (XSS), SQL injection, and Remote Code Execution (RCE), often stemming from insufficient input validation and inadequate sanitization of user-supplied data. Additionally, several incidents highlight issues related to privilege escalation and broken access control, allowing unauthorized users to manipulate site settings or execute malicious scripts. These recurring security deficiencies suggest systemic weaknesses in the development and code review processes. The high volume of CVEs indicates that while the themes are widely used, they have historically posed substantial risks to website integrity and user data security, necessitating rigorous patching and security audits for administrators relying on these assets.

Top products by RadiusTheme: The Post Grid Classified Listing Radius Blocks ShopBuilder – Elementor WooCommerce Builder Addons Team Testimonial Slider And Showcase Pro Metro Portfolio – WordPress Portfolio Plugin Variation Swatches for WooCommerce Variation Images Gallery for WooCommerce Widget for Google Reviews Medilink-Core Review Schema Testimonial Slider and Showcase
CVE IDTitleCVSSSeverityPublished
CVE-2022-50947 WordPress Plugin Testimonial Slider and Showcase 2.2.6 Stored XSS — Testimonial Slider and ShowcaseCWE-79 6.4 Medium2026-05-10
CVE-2026-25344 WordPress Review Schema plugin <= 2.2.6 - Sensitive Data Exposure vulnerability — Review SchemaCWE-497 6.5 Medium2026-03-25
CVE-2026-25026 WordPress Team plugin <= 5.0.11 - Broken Access Control vulnerability — TeamCWE-862 7.5 High2026-03-25
CVE-2026-32396 WordPress Team plugin <= 5.0.13 - Broken Access Control vulnerability — TeamCWE-862 5.3 Medium2026-03-13
CVE-2026-32372 WordPress ShopBuilder – Elementor WooCommerce Builder Addons plugin <= 3.2.4 - Sensitive Data Exposure vulnerability — ShopBuilder – Elementor WooCommerce Builder AddonsCWE-497 5.3 Medium2026-03-13
CVE-2026-32369 WordPress Medilink-Core plugin < 2.0.7 - Local File Inclusion vulnerability — Medilink-CoreCWE-98 7.5 High2026-03-13
CVE-2026-27383 WordPress Metro theme <= 2.13 - Local File Inclusion vulnerability — MetroCWE-98 8.1 High2026-03-05
CVE-2026-27382 WordPress Metro theme <= 2.13 - Reflected Cross Site Scripting (XSS) vulnerability — MetroCWE-79 7.1 High2026-03-05
CVE-2026-23546 WordPress Classified Listing plugin <= 5.3.4 - Sensitive Data Exposure vulnerability — Classified ListingCWE-201 6.5 Medium2026-03-05
CVE-2025-64282 WordPress Radius Blocks plugin <= 2.2.1 - Insecure Direct Object References (IDOR) vulnerability — Radius BlocksCWE-639 4.3 Medium2025-12-18
CVE-2025-32657 WordPress Testimonial Slider and Showcase Pro plugin <= 2.1.7 - Local File Inclusion vulnerability — Testimonial Slider And Showcase ProCWE-98 7.5 High2025-10-22
CVE-2025-57975 WordPress Team Plugin <= 5.0.6 - Broken Access Control Vulnerability — TeamCWE-862 4.3 Medium2025-09-22
CVE-2025-58601 WordPress Classified Listing Plugin <= 5.0.6 - Broken Access Control Vulnerability — Classified ListingCWE-862 4.3 Medium2025-09-03
CVE-2025-53565 WordPress Widget for Google Reviews <= 1.0.15 - Local File Inclusion Vulnerability — Widget for Google ReviewsCWE-98 8.1 High2025-08-20
CVE-2025-54698 WordPress Classified Listing Plugin plugin <= 5.0.0 - Content Injection Vulnerability — Classified ListingCWE-80 5.4 Medium2025-08-14
CVE-2025-52715 WordPress Classified Listing plugin <= 4.2.0 - Local File Inclusion Vulnerability — Classified ListingCWE-98 7.5 High2025-06-20
CVE-2025-24745 WordPress Classified Listing plugin <= 4.0.1 - Reflected Cross Site Scripting (XSS) vulnerability — Classified ListingCWE-79 7.1 High2025-04-17
CVE-2025-32656 WordPress Testimonial Slider and Showcase Pro plugin <= 2.3.15 - Local File Inclusion vulnerability — Testimonial Slider And Showcase ProCWE-98 8.1 High2025-04-11
CVE-2025-32159 WordPress Radius Blocks plugin <= 2.2.1 - Local File Inclusion vulnerability — Radius BlocksCWE-98 7.5 High2025-04-04
CVE-2025-30814 WordPress The Post Grid plugin <= 7.7.17 - Local File Inclusion vulnerability — The Post GridCWE-98 7.5 High2025-03-27
CVE-2025-24712 WordPress Radius Blocks – WordPress Gutenberg Blocks Plugin <= 2.1.2 - Cross Site Request Forgery (CSRF) vulnerability — Radius BlocksCWE-352 5.4 Medium2025-01-24
CVE-2024-54272 WordPress Radius Blocks plugin <= 2.1.2 - Cross Site Scripting (XSS) vulnerability — Radius BlocksCWE-79 6.5 Medium2024-12-13
CVE-2024-52386 WordPress Classified Listing plugin <= 3.1.16 - Local File Inclusion vulnerability — Classified ListingCWE-98 5.3 Medium2024-11-16
CVE-2024-37482 WordPress The Post Grid plugin <= 7.7.4 - Broken Access Control vulnerability — The Post GridCWE-862 4.3 Medium2024-11-01
CVE-2024-37481 WordPress The Post Grid plugin <= 7.7.4 - Broken Access Control vulnerability — The Post GridCWE-862 6.5 Medium2024-11-01
CVE-2024-37483 WordPress The Post Grid plugin <= 7.7.4 - Broken Access Control vulnerability — The Post GridCWE-862 5.4 Medium2024-11-01
CVE-2024-37520 WordPress ShopBuilder – Elementor WooCommerce Builder Addons plugin <= 2.1.12 - Local File Inclusion vulnerability — ShopBuilder – Elementor WooCommerce Builder AddonsCWE-98 6.5 Medium2024-07-09
CVE-2024-35739 WordPress The Post Grid plugin <= 7.7.1 - Cross Site Scripting (XSS) vulnerability — The Post GridCWE-79 6.5 Medium2024-06-08
CVE-2024-34812 WordPress ShopBuilder plugin <= 2.1.8 - Sensitive Data Exposure vulnerability — ShopBuilder – Elementor WooCommerce Builder AddonsCWE-201 5.3 Medium2024-05-13
CVE-2023-39923 WordPress The Post Grid Plugin <= 7.2.7 is vulnerable to Cross Site Request Forgery (CSRF) — The Post GridCWE-352 5.4 Medium2023-10-03

This page lists every published CVE security advisory associated with RadiusTheme. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.