Browse all 5 CVE security advisories affecting SeaTheme. AI-powered Chinese analysis, POCs, and references for each vulnerability.
SeaTheme develops WordPress themes and plugins for website building, with a core use case of creating customizable templates for online businesses. Historically, their products have been susceptible to multiple remote code execution (RCE) and cross-site scripting (XSS) vulnerabilities, often stemming from insufficient input validation and improper sanitization. The five recorded CVEs include critical flaws allowing attackers to execute arbitrary code or inject malicious scripts. While no major public security incidents have been documented, the consistent pattern of vulnerabilities suggests ongoing challenges in secure coding practices, potentially exposing users to significant risks if timely updates are not applied.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-1778 | Art Theme <= 3.12.2.3 - Missing Authorization to Authenticated (Subscriber+) Theme Option Delete — Art ThemeCWE-862 | 4.3 | Medium | 2025-06-06 |
This page lists every published CVE security advisory associated with SeaTheme. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.