Browse all 25 CVE security advisories affecting ThemeMove. AI-powered Chinese analysis, POCs, and references for each vulnerability.
ThemeMove operates as a provider of WordPress themes and plugins, primarily targeting users seeking customizable website designs. Its software portfolio has been associated with twenty-five recorded Common Vulnerabilities and Exposures (CVEs), indicating a significant historical security footprint. Analysis of these vulnerabilities reveals a prevalence of critical flaws, including remote code execution, cross-site scripting, and privilege escalation issues. These defects often stem from insufficient input validation and inadequate sanitization of user-supplied data within the application’s core functions. While specific major incidents involving widespread exploitation are not extensively documented in public threat intelligence feeds, the high volume of CVEs suggests systemic weaknesses in the development lifecycle. Security researchers advise administrators to prioritize regular updates and rigorous patch management to mitigate risks associated with these known defects, ensuring that the underlying infrastructure remains resilient against potential exploitation attempts.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-58206 | WordPress MaxCoach Theme <= 3.2.5 - Local File Inclusion Vulnerability — MaxCoachCWE-98 | 8.1 | High | 2025-09-05 |
This page lists every published CVE security advisory associated with ThemeMove. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.