Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

UX-themes — Vulnerabilities & Security Advisories 7

Browse all 7 CVE security advisories affecting UX-themes. AI-powered Chinese analysis, POCs, and references for each vulnerability.

UX-themes is a WordPress theme provider offering pre-designed templates for websites. Historically, the themes have been vulnerable to multiple security issues, including cross-site scripting (XSS), remote code execution (RCE), and privilege escalation vulnerabilities. These flaws often stem from insufficient input validation and improper permission checks. With 7 CVEs on record, the themes have faced repeated security concerns, though no major public incidents have been widely reported. The recurring nature of these vulnerabilities suggests ongoing challenges in secure coding practices, potentially exposing users to significant risks if not properly maintained and updated.

Top products by UX-themes: Flatsome Flatsome | Multi-Purpose Responsive WooCommerce Theme
CVE IDTitleCVSSSeverityPublished
CVE-2026-31915 WordPress Flatsome theme <= 3.19.6 - Broken Access Control vulnerability — FlatsomeCWE-862 5.3 Medium2026-03-13
CVE-2026-28083 WordPress Flatsome theme <= 3.20.5 - Cross Site Scripting (XSS) vulnerability — FlatsomeCWE-79 6.5 Medium2026-02-26
CVE-2025-8684 Flatsome <= 3.20.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode — FlatsomeCWE-79 6.4 Medium2025-09-05
CVE-2024-5346 Flatsome | Multi-Purpose Responsive WooCommerce Theme <= 3.18.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via Multiple Shortcodes — FlatsomeCWE-79 6.4 Medium2024-06-22
CVE-2024-5156 Flatsome <= 3.18.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode — FlatsomeCWE-79 6.4 Medium2024-06-20
CVE-2023-40555 WordPress Flatsome Theme <= 3.17.5 is vulnerable to PHP Object Injection — Flatsome | Multi-Purpose Responsive WooCommerce ThemeCWE-502 8.3 High2023-12-20
CVE-2023-28994 WordPress Flatsome Theme <= 3.16.8 is vulnerable to Cross Site Scripting (XSS) — FlatsomeCWE-79 7.1 High2023-08-23

This page lists every published CVE security advisory associated with UX-themes. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.