Browse all 7 CVE security advisories affecting jwsthemes. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Jwsthemes develops WordPress themes and templates for website creation and customization. Historically, these themes have been vulnerable to multiple security issues including cross-site scripting (XSS), remote code execution (RCE), and privilege escalation vulnerabilities, often stemming from insufficient input validation and improper access controls. The themes have accumulated 7 CVE records, with several critical flaws allowing attackers to execute arbitrary code or compromise user accounts. Security researchers have identified consistent patterns in their codebase that leave installations exposed, particularly in areas handling file uploads and user permissions. No major public security incidents have been widely reported, though the CVE count indicates a persistent security challenge requiring ongoing vigilance from users.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2026-25380 | WordPress Feedy theme < 2.1.5 - Local File Inclusion vulnerability — FeedyCWE-98 | 8.1 | High | 2026-03-25 |
| CVE-2026-25381 | WordPress LoveDate theme < 3.8.6 - Local File Inclusion vulnerability — LoveDateCWE-98 | 8.1 | High | 2026-03-25 |
| CVE-2026-25382 | WordPress IdealAuto theme < 3.8.6 - Local File Inclusion vulnerability — IdealAutoCWE-98 | 8.1 | High | 2026-03-25 |
| CVE-2026-25379 | WordPress StreamVid theme < 6.8.6 - Local File Inclusion vulnerability — StreamVidCWE-98 | 8.1 | High | 2026-03-25 |
| CVE-2025-12550 | WordPress OchaHouse theme <= 2.2.8 - Local File Inclusion vulnerability — OchaHouseCWE-98 | 8.1 | High | 2026-01-08 |
| CVE-2025-69086 | WordPress Issabella theme <= 1.1.2 - Local File Inclusion vulnerability — IssabellaCWE-98 | 8.1 | High | 2026-01-06 |
| CVE-2025-69087 | WordPress FreeAgent theme <= 2.1.2 - Local File Inclusion vulnerability — FreeAgentCWE-98 | 8.1 | High | 2026-01-05 |
This page lists every published CVE security advisory associated with jwsthemes. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.