Browse all 12 CVE security advisories affecting ThemeAtelier. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Themeatelier is a WordPress theme provider focused on creating professional website templates for businesses and e-commerce platforms. Historically, the company's products have been vulnerable to multiple remote code execution (RCE) flaws, cross-site scripting (XSS) vulnerabilities, and privilege escalation issues, with 12 CVEs documented to date. Security researchers have identified consistent patterns in input validation and sanitization failures across their theme portfolio. While no major public security incidents have been widely reported, the cumulative number of disclosed vulnerabilities suggests ongoing challenges in secure coding practices, potentially exposing thousands of websites to compromise if not properly maintained and updated.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-66099 | WordPress Chat Help plugin <= 3.1.3 - Broken Access Control vulnerability — Chat HelpCWE-862 | 5.3 | Medium | 2025-11-21 |
This page lists every published CVE security advisory associated with ThemeAtelier. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.