Browse all 9 CVE security advisories affecting fuelthemes. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Fuelthemes develops WordPress themes and plugins for website building, with 9 CVEs recorded historically. Common vulnerabilities include stored cross-site scripting (XSS) and remote code execution (RCE), often stemming from insufficient input validation and improper access controls. Privilege escalation issues have also been documented in several products. While no major public security incidents have been widely reported, the consistent pattern of vulnerabilities suggests ongoing challenges in secure coding practices. The company's products remain popular despite these security concerns, indicating that users should prioritize timely updates and implement additional security layers when using their themes and plugins.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2026-23801 | WordPress The Issue theme <= 1.6.11 - Local File Inclusion vulnerability — The IssueCWE-98 | 8.1 | High | 2026-03-05 |
This page lists every published CVE security advisory associated with fuelthemes. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.