Browse all 3 CVE security advisories affecting Themeqx. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Themeqx is a WordPress theme provider focusing on responsive website templates for businesses and bloggers. Historically, their themes have been susceptible to multiple security vulnerabilities including stored cross-site scripting (XSS), remote code execution (RCE), and privilege escalation flaws, often stemming from insufficient input validation and improper capability checks. The three publicly disclosed CVEs affecting Themeqx products highlight these recurring security weaknesses, with RCE vulnerabilities being particularly concerning as they could allow attackers to execute arbitrary code on affected servers. No major security incidents have been widely reported, but the consistent pattern of vulnerabilities suggests ongoing challenges in secure development practices.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-31765 | WordPress GDPR Cookie Notice plugin <= 1.2.0 - Broken Access Control vulnerability — GDPR Cookie NoticeCWE-862 | 5.3 | Medium | 2025-04-01 |
| CVE-2024-34568 | WordPress LetterPress Newsletter plugin <= 1.2.1 - Cross Site Scripting (XSS) vulnerability — LetterPressCWE-79 | 5.9 | Medium | 2024-05-08 |
| CVE-2023-27415 | WordPress LetterPress Plugin <= 1.1.2 is vulnerable to Cross Site Scripting (XSS) — LetterPressCWE-79 | 5.9 | Medium | 2023-08-08 |
This page lists every published CVE security advisory associated with Themeqx. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.