Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Themesflat — Vulnerabilities & Security Advisories 16

Browse all 16 CVE security advisories affecting Themesflat. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Themesflat is a WordPress theme provider offering templates for business and portfolio websites. Historically, their themes have been vulnerable to multiple security issues, including remote code execution, cross-site scripting, and privilege escalation vulnerabilities, often stemming from insufficient input validation and improper access controls. With 16 CVEs on record, Themesflat's products have faced recurring security concerns, particularly in areas of file handling and user permissions. While no major public security incidents have been widely documented, the consistent pattern of vulnerabilities suggests a need for improved security practices in theme development and regular updates for users.

Found 10 results / 16Clear Filters
Top products by Themesflat: Themesflat Addons For Elementor themesflat-addons-for-elementor TF Woo Product Grid Addon For Elementor Themesflat Elementor
CVE IDTitleCVSSSeverityPublished
CVE-2025-3275 Themesflat Addons For Elementor <= 2.2.5 - Authenticated (Contributor+) Stored Cross-Site Scripting — Themesflat Addons For ElementorCWE-79 6.4 Medium2025-04-19
CVE-2024-12205 Themesflat Addons For Elementor <= 2.2.4 - Authenticated (Contributor+) Stored Cross-Site Scripting — Themesflat Addons For ElementorCWE-79 6.4 Medium2025-01-08
CVE-2024-8516 Themesflat Addons For Elementor <= 2.2.1 - Authenticated (Contributor+) Information Exposure — Themesflat Addons For ElementorCWE-200 4.3 Medium2024-09-25
CVE-2024-8515 Themesflat Addons For Elementor <= 2.2.1 - Authenticated (Contributor+) Stored Cross-Site Scripting — Themesflat Addons For ElementorCWE-79 6.4 Medium2024-09-25
CVE-2024-4458 Themesflat Addons For Elementor <= 2.1.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via URLs — Themesflat Addons For ElementorCWE-79 6.4 Medium2024-06-06
CVE-2024-4212 Themesflat Addons For Elementor <= 2.1.2 - Authenticated (Contributor+) Stored Cross-Site Scripting in Multiple Widgets — Themesflat Addons For ElementorCWE-79 6.4 Medium2024-06-06
CVE-2024-4459 Themesflat Addons For Elementor <= 2.1.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via Widget Titles — Themesflat Addons For ElementorCWE-87 6.4 Medium2024-06-06
CVE-2024-2922 Themesflat Addons For Elementor <= 2.1.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via Widget Tags — Themesflat Addons For ElementorCWE-79 6.4 Medium2024-06-06
CVE-2024-35666 WordPress Themesflat Addons For Elementor plugin <= 2.1.2 - Cross Site Scripting (XSS) vulnerability — Themesflat Addons For ElementorCWE-79 6.5 Medium2024-06-04
CVE-2023-37390 WordPress Themesflat Addons For Elementor Plugin <= 2.0.0 is vulnerable to PHP Object Injection — Themesflat Addons For ElementorCWE-502 8.3 High2023-12-19

This page lists every published CVE security advisory associated with Themesflat. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.