Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

frenify — Vulnerabilities & Security Advisories 15

Browse all 15 CVE security advisories affecting frenify. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Frenify develops WordPress themes and plugins for website builders, with their products primarily used for creating responsive websites and e-commerce platforms. Historically, their vulnerabilities have commonly included stored cross-site scripting (XSS), remote code execution (RCE), and privilege escalation flaws, often stemming from insufficient input validation and improper access controls. Notable security characteristics include multiple CVEs (15 to date) with several critical RCE vulnerabilities in their themes, allowing attackers to execute arbitrary code on affected servers. These vulnerabilities typically arise from inadequate sanitization of user inputs and improper file handling, posing significant risks to websites using their products.

Top products by frenify: Categorify – WordPress Media Library Category & File Manager Arlo Categorify Mow Guff
CVE IDTitleCVSSSeverityPublished
CVE-2026-28076 WordPress Guff theme <= 1.0.1 - Broken Access Control vulnerability — GuffCWE-862 7.5 High2026-03-05
CVE-2025-69082 WordPress Arlo theme <= 6.0.3 - Cross Site Scripting (XSS) vulnerability — ArloCWE-79 7.1 High2026-01-07
CVE-2025-58997 WordPress Mow Theme <= 4.10 - Cross Site Request Forgery (CSRF) Vulnerability — MowCWE-352 9.6 Critical2025-09-09
CVE-2025-59005 WordPress Categorify plugin <= 1.0.7.5 - Broken Access Control vulnerability — CategorifyCWE-862 4.3 Medium2025-09-09
CVE-2025-39475 WordPress Arlo theme <= 6.0.3 - Local File Inclusion Vulnerability — ArloCWE-35 8.1 High2025-06-09
CVE-2024-0385 Categorify <= 1.0.7.4 - Missing Authorization in categorifyAjaxAddCategory — Categorify – WordPress Media Library Category & File ManagerCWE-862 4.3 Medium2024-03-13
CVE-2024-1650 Categorify <= 1.0.7.4 - Missing Authorization in categorifyAjaxRenameCategory — Categorify – WordPress Media Library Category & File ManagerCWE-862 4.3 Medium2024-02-27
CVE-2024-1649 Categorify <= 1.0.7.4 - Missing Authorization in categorifyAjaxDeleteCategory — Categorify – WordPress Media Library Category & File ManagerCWE-862 4.3 Medium2024-02-27
CVE-2024-1910 Categorify <= 1.0.7.4 - Cross-Site Request Forgery via categorifyAjaxClearCategory — Categorify – WordPress Media Library Category & File ManagerCWE-352 4.3 Medium2024-02-27
CVE-2024-1652 Categorify <= 1.0.7.4 - Missing Authorization in categorifyAjaxClearCategory — Categorify – WordPress Media Library Category & File ManagerCWE-862 4.3 Medium2024-02-27
CVE-2024-1906 Categorify <= 1.0.7.4 - Cross-Site Request Forgery via categorifyAjaxAddCategory — Categorify – WordPress Media Library Category & File ManagerCWE-352 4.3 Medium2024-02-27
CVE-2024-1912 Categorify <= 1.0.7.4 - Cross-Site Request Forgery via categorifyAjaxUpdateFolderPosition — Categorify – WordPress Media Library Category & File ManagerCWE-352 4.3 Medium2024-02-27
CVE-2024-1653 Categorify <= 1.0.7.4 - Missing Authorization in categorifyAjaxUpdateFolderPosition — Categorify – WordPress Media Library Category & File ManagerCWE-862 4.3 Medium2024-02-27
CVE-2024-1909 Categorify <= 1.0.7.4 - Cross-Site Request Forgery via categorifyAjaxRenameCategory — Categorify – WordPress Media Library Category & File ManagerCWE-352 4.3 Medium2024-02-27
CVE-2024-1907 Categorify <= 1.0.7.4 - Cross-Site Request Forgery via categorifyAjaxDeleteCategory — Categorify – WordPress Media Library Category & File ManagerCWE-352 4.3 Medium2024-02-27

This page lists every published CVE security advisory associated with frenify. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.