Browse all 4 CVE security advisories affecting ThemeBoy. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Themeboy develops WordPress themes and plugins, primarily for sports-related websites. Historically, their products have been vulnerable to multiple security issues including remote code execution, cross-site scripting, and privilege escalation vulnerabilities. The four CVEs associated with Themeboy reveal a pattern of insufficient input validation and improper access controls in their WordPress offerings. While no major public security incidents have been documented, the consistent appearance of similar vulnerability types across their products suggests systemic security weaknesses that require remediation. Users should ensure installations are updated to mitigate potential risks associated with these recurring security flaws.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-62115 | WordPress Hide Plugins plugin <= 1.0.4 - Broken Access Control vulnerability — Hide PluginsCWE-862 | 4.3 | Medium | 2025-12-31 |
This page lists every published CVE security advisory associated with ThemeBoy. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.