Browse all 5 CVE security advisories affecting seothemes. AI-powered Chinese analysis, POCs, and references for each vulnerability.
seothemes develops WordPress themes and plugins for website optimization, with five CVEs recorded. Historically, vulnerabilities have included stored cross-site scripting (XSS) due to insufficient input sanitization, remote code execution (RCE) via file inclusion flaws, and privilege escalation through improper access controls. These issues often stem from inadequate validation of user-supplied data and insufficient privilege checks. While no major public security incidents have been documented, the consistent pattern of vulnerabilities suggests ongoing challenges in secure coding practices. Users should ensure regular updates and implement additional security layers to mitigate potential risks.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-62097 | WordPress SEO Slider plugin <= 1.1.1 - Cross Site Scripting (XSS) vulnerability — SEO SliderCWE-79 | 6.5 | Medium | 2025-12-31 |
| CVE-2024-51899 | WordPress Simple Pricing Table plugin <= 1.0.0 - Cross Site Scripting (XSS) vulnerability — Simple Pricing TableCWE-79 | 6.5 | Medium | 2024-11-19 |
| CVE-2024-51610 | WordPress Display Terms Shortcode plugin <= 1.0.4 - Cross Site Scripting (XSS) vulnerability — Display Terms ShortcodeCWE-79 | 6.5 | Medium | 2024-11-09 |
| CVE-2024-1993 | Icon Widget <= 1.3.0 - Authenticated(Contributor+) Stored Cross-Site Scripting via shortcode — Icon WidgetCWE-79 | 6.4 | Medium | 2024-05-02 |
| CVE-2023-5707 | SEO Slider <= 1.1.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode — SEO SliderCWE-79 | 6.4 | Medium | 2023-11-03 |
This page lists every published CVE security advisory associated with seothemes. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.