Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

ThemePunch OHG — Vulnerabilities & Security Advisories 7

Browse all 7 CVE security advisories affecting ThemePunch OHG. AI-powered Chinese analysis, POCs, and references for each vulnerability.

ThemePunch OHG develops WordPress themes and plugins, primarily for creating responsive websites and sliders. Historically, their products have been vulnerable to multiple security issues, including cross-site scripting (XSS), remote code execution (RCE), and privilege escalation vulnerabilities. The company has recorded seven CVEs, with several critical flaws allowing attackers to execute arbitrary code or compromise administrative access. While no major public security incidents have been widely reported, the consistent pattern of vulnerabilities in their extensions suggests potential risks for unpatched installations. Users are advised to maintain updated versions and implement security best practices when using ThemePunch OHG's products.

Top products by ThemePunch OHG: Slider Revolution Essential Grid
CVE IDTitleCVSSSeverityPublished
CVE-2024-37449 WordPress Slider Revolution plugin <= 6.7.13 - Cross Site Scripting (XSS) vulnerability — Slider RevolutionCWE-79 5.9 Medium2024-07-21
CVE-2024-34444 WordPress Slider Revolution plugin < 6.7.0 - Unauthenticated Broken Access Control vulnerability — Slider RevolutionCWE-862 7.1 High2024-06-19
CVE-2024-34443 WordPress Slider Revolution plugin < 6.7.11 - Cross Site Scripting (XSS) vulnerability — Slider RevolutionCWE-79 5.9 Medium2024-06-19
CVE-2023-47771 WordPress Essential Grid plugin <= 3.0.18 - Multiple Authenticated Broken Access Control vulnerability — Essential GridCWE-862 8.3 High2024-06-19
CVE-2023-47784 WordPress Slider Revolution Plugin <= 6.6.15 is vulnerable to Arbitrary File Upload — Slider RevolutionCWE-434 8.4 High2023-12-20
CVE-2023-47772 WordPress Slider Revolution Plugin <= 6.6.14 is vulnerable to Cross Site Scripting (XSS) — Slider RevolutionCWE-79 6.5 Medium2023-11-20
CVE-2023-47684 WordPress Essential Grid Plugin <= 3.1.0 is vulnerable to Cross Site Scripting (XSS) — Essential GridCWE-79 7.1 High2023-11-13

This page lists every published CVE security advisory associated with ThemePunch OHG. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.