Browse all 14 CVE security advisories affecting imithemes. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Imithemes develops WordPress themes and plugins for website creation, with 14 CVEs recorded. Historically, vulnerabilities have included stored cross-site scripting (XSS), remote code execution (RCE), and privilege escalation flaws, often stemming from insufficient input validation and improper access controls. Security characteristics include inconsistent patching timelines across products, with some critical vulnerabilities remaining unaddressed for extended periods. No major public security incidents have been documented, though the pattern of recurring XSS and RCE issues suggests ongoing challenges in secure coding practices. The company's portfolio maintains a moderate risk profile due to these recurring but typically non-critical vulnerabilities.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2026-32518 | WordPress Gaea theme < 3.8 - Reflected Cross Site Scripting (XSS) vulnerability — GaeaCWE-79 | 7.1 | High | 2026-03-25 |
This page lists every published CVE security advisory associated with imithemes. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.