Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

gavias — Vulnerabilities & Security Advisories 11

Browse all 11 CVE security advisories affecting gavias. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Gavias develops WordPress themes and page builders primarily used for website creation and customization. Historically, the software has been vulnerable to multiple remote code execution (RCE) and cross-site scripting (XSS) flaws, often stemming from insufficient input validation and sanitization. Privilege escalation vulnerabilities have also been recurrent, allowing unauthorized access to administrative functions. While no major public security incidents have been widely documented, the accumulation of 11 CVEs indicates consistent security challenges. The vulnerabilities typically stem from inadequate security controls in theme customization options and builder components, potentially exposing websites to complete compromise.

Top products by gavias: Oxpitan Winnex Enzio - Responsive Business WordPress Theme Kiamo - Responsive Business Service WordPress Theme Vizeon - Business Consulting Krowd Zilom Kipso Indutri Ziston Kunco
CVE IDTitleCVSSSeverityPublished
CVE-2026-32531 WordPress Kunco theme < 1.4.5 - Local File Inclusion vulnerability — KuncoCWE-98 8.1 High2026-03-25
CVE-2025-58215 WordPress Ziston Theme < 1.4.5 - Local File Inclusion Vulnerability — ZistonCWE-98 8.1 High2025-09-09
CVE-2025-58214 WordPress Indutri Theme < 1.3.0 - Local File Inclusion Vulnerability — IndutriCWE-98 8.1 High2025-09-05
CVE-2025-53578 WordPress Kipso Theme <= 1.3.4 - Local File Inclusion Vulnerability — KipsoCWE-98 8.1 High2025-08-28
CVE-2024-43334 WordPress Zilom theme < 1.4.5 - Cross Site Scripting (XSS) vulnerability — ZilomCWE-79 7.1 High2025-07-07
CVE-2025-32595 WordPress Krowd theme < 1.5.0 - Local File Inclusion vulnerability — KrowdCWE-98 8.1 High2025-06-09
CVE-2025-31064 WordPress Vizeon theme < 1.2.1 - Local File Inclusion vulnerability — Vizeon - Business ConsultingCWE-98 8.1 High2025-05-23
CVE-2025-31633 WordPress Kiamo - Responsive Business Service WordPress Theme <= 1.3.3 - Local File Inclusion Vulnerability — Kiamo - Responsive Business Service WordPress ThemeCWE-98 8.1 High2025-05-23
CVE-2025-31912 WordPress Enzio - Responsive Business WordPress Theme theme < 1.2.6 - Local File Inclusion vulnerability — Enzio - Responsive Business WordPress ThemeCWE-98 8.1 High2025-05-23
CVE-2025-32294 WordPress Oxpitan theme <= 1.3.5 - Local File Inclusion Vulnerability — OxpitanCWE-98 8.1 High2025-05-23
CVE-2025-32302 WordPress Winnex theme <= 1.3.2 - Local File Inclusion Vulnerability — WinnexCWE-98 8.1 High2025-05-23

This page lists every published CVE security advisory associated with gavias. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.