Browse all 50 CVE security advisories affecting BoldThemes. AI-powered Chinese analysis, PoCs, and references for each vulnerability.
BoldThemes operates as a prominent developer of premium WordPress themes and plugins, primarily targeting business and portfolio websites. Its extensive product portfolio has historically exposed users to significant security risks, resulting in fifty recorded Common Vulnerabilities and Exposures. The most prevalent vulnerability classes include Remote Code Execution, Cross-Site Scripting, and Privilege Escalation, often stemming from insufficient input validation and weak authentication mechanisms in older plugin versions. While the company has implemented security patches for identified flaws, the sheer volume of past incidents highlights systemic challenges in maintaining code integrity across a large, diverse suite of products. Users are advised to prioritize regular updates and rigorous security auditing to mitigate the inherent risks associated with these widely deployed WordPress extensions.

| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-60216 | WordPress Addison theme < 1.4.8 - PHP Object Injection vulnerability (Addison, CWE-502) | 9.8 | Critical | 2025-10-22 |

This page lists every published CVE security advisory associated with BoldThemes. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.