Browse all 3 CVE security advisories affecting spider-themes. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Spider-themes is a WordPress theme provider focused on responsive, feature-rich templates for websites. Historically, these themes have been vulnerable to multiple security issues including remote code execution, cross-site scripting, and privilege escalation vulnerabilities, often stemming from insufficient input validation and improper access controls. The three recorded CVEs highlight persistent security flaws, with one incident allowing attackers to execute arbitrary code through unauthenticated endpoints. These vulnerabilities typically stem from outdated components and lack of regular security updates, posing significant risks to unpatched installations. Users are advised to maintain current versions and implement additional security measures to mitigate potential exploitation.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2024-38721 | WordPress EazyDocs plugin <= 2.5.0 - Broken Access Control vulnerability — EazyDocsCWE-862 | 7.1 | High | 2024-11-01 |
| CVE-2024-38720 | WordPress EazyDocs plugin <= 2.5.0 - Cross Site Scripting (XSS) vulnerability — EazyDocsCWE-79 | 6.5 | Medium | 2024-07-20 |
| CVE-2023-47549 | WordPress EazyDocs Plugin <= 2.3.3 is vulnerable to Cross Site Scripting (XSS) — EazyDocs – Most Powerful Knowledge base, wiki, Documentation Builder Plugin (easy docs, knowledgebase)CWE-79 | 6.8 | Medium | 2023-11-14 |
This page lists every published CVE security advisory associated with spider-themes. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.