Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

mythemeshop — Vulnerabilities & Security Advisories 12

Browse all 12 CVE security advisories affecting mythemeshop. AI-powered Chinese analysis, POCs, and references for each vulnerability.

MyThemeShop develops WordPress themes and plugins to enhance website functionality and design. Historically, their products have been susceptible to multiple remote code execution vulnerabilities, cross-site scripting (XSS), privilege escalations, and insufficient input validation. The company has accumulated 12 CVEs, with several critical issues allowing attackers to execute arbitrary code or compromise administrative access. While no major public security incidents have been widely documented, the consistent pattern of vulnerabilities in their codebase suggests ongoing challenges in secure development practices. Users should maintain regular updates and implement additional security measures when using MyThemeShop products.

Top products by mythemeshop: URL Shortener by MyThemeShop My WP Translate Launcher: Coming Soon & Maintenance Mode (WordPress plugin) WP Subscribe (WordPress plugin) WP Shortcode by MyThemeShop SociallyViral Schema Lite WP Quiz WordPress Review Plugin: The Ultimate Solution for Building a Review Website WP Subscribe
CVE IDTitleCVSSSeverityPublished
CVE-2026-24522 WordPress WP Subscribe plugin <= 1.2.16 - Broken Access Control vulnerability — WP SubscribeCWE-862 4.3 Medium2026-01-23
CVE-2025-8425 My WP Translate <= 1.1 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Options Update — My WP TranslateCWE-862 8.8 High2025-09-11
CVE-2025-8423 My WP Translate <= 1.1 - Authenticated (Subscriber+) Missing Authorization to Arbitrary Option Read and Deletion — My WP TranslateCWE-862 5.4 Medium2025-09-11
CVE-2025-2158 WordPress Review Plugin: The Ultimate Solution for Building a Review Website <= 5.3.5 - Authenticated (Contributor+) Local File Inclusion via Post Custom Fields — WordPress Review Plugin: The Ultimate Solution for Building a Review WebsiteCWE-22 8.8 High2025-05-10
CVE-2025-46482 WordPress WP Quiz plugin <= 2.0.10 - Cross Site Scripting (XSS) vulnerability — WP QuizCWE-79 6.5 Medium2025-04-25
CVE-2024-37452 WordPress Schema Lite theme <= 1.2.2 - Cross Site Request Forgery (CSRF) vulnerability — Schema LiteCWE-352 4.3 Medium2025-01-02
CVE-2024-37938 WordPress SociallyViral theme <= 1.0.10 - Cross Site Request Forgery (CSRF) vulnerability — SociallyViralCWE-352 4.3 Medium2024-07-12
CVE-2023-23896 WordPress URL Shortener by MyThemeShop Plugin <= 1.0.17 is vulnerable to Broken Access Control — URL Shortener by MyThemeShopCWE-862 5.4 Medium2024-01-17
CVE-2023-28495 WordPress WP Shortcode by MyThemeShop Plugin <= 1.4.16 is vulnerable to Cross Site Request Forgery (CSRF) — WP Shortcode by MyThemeShopCWE-352 4.3 Medium2023-11-12
CVE-2023-30472 WordPress URL Shortener by MyThemeShop Plugin <= 1.0.17 is vulnerable to Cross Site Scripting (XSS) — URL Shortener by MyThemeShopCWE-79 7.1 High2023-09-27
CVE-2021-36829 WordPress Launcher: Coming Soon & Maintenance Mode plugin <= 1.0.11 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability — Launcher: Coming Soon & Maintenance Mode (WordPress plugin)CWE-79 4.8 Medium2022-09-06
CVE-2021-36844 WordPress WP Subscribe plugin <= 1.2.12 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability — WP Subscribe (WordPress plugin)CWE-79 3.4 Low2022-05-02

This page lists every published CVE security advisory associated with mythemeshop. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.