Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

themeglow — Vulnerabilities & Security Advisories 6

Browse all 6 CVE security advisories affecting themeglow. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Themeglow develops event management and ticketing platforms used by organizations worldwide. Historically, the software has been susceptible to multiple remote code execution vulnerabilities, cross-site scripting flaws, and privilege escalation issues, with six CVEs documented. Security researchers have identified input validation weaknesses and improper access controls as recurring problems. While no major public security incidents have been widely reported, the consistent pattern of vulnerabilities suggests potential risks for unpatched deployments. Organizations using Themeglow should prioritize timely updates and implement additional security controls to mitigate exploitation risks.

Top products by themeglow: JobBoard Job listing Cleanup – Directory Listing & Classifieds WordPress Plugin Property – Real Estate Directory Listing
CVE IDTitleCVSSSeverityPublished
CVE-2025-68855 WordPress JobBoard Job listing plugin <= 1.2.8 - Sensitive Data Exposure vulnerability — JobBoard Job listingCWE-201 5.9 Medium2026-02-20
CVE-2025-5117 Property 1.0.5 - 1.0.6 - Missing Authorization to Authenticated (Author+) Privilege Escalation via property_package_user_role Metadata in PayPal Registration — Property – Real Estate Directory ListingCWE-862 8.8 High2025-05-27
CVE-2025-31834 WordPress JobBoard Job listing plugin Plugin <= 1.2.8 - Broken Access Control vulnerability — JobBoard Job listingCWE-862 5.3 Medium2025-04-01
CVE-2025-31833 WordPress JobBoard Job listing plugin Plugin <= 1.2.8 - Insecure Direct Object References (IDOR) vulnerability — JobBoard Job listingCWE-639 4.9 Medium2025-04-01
CVE-2025-24563 WordPress Cleanup – Directory Listing & Classifieds plugin <= 1.0.4 - Reflected Cross Site Scripting (XSS) vulnerability — Cleanup – Directory Listing & Classifieds WordPress PluginCWE-79 7.1 High2025-01-31
CVE-2024-43243 WordPress JobBoard Job listing plugin <= 1.2.6 - Arbitrary File Upload vulnerability — JobBoard Job listingCWE-434 10.0 Critical2025-01-07

This page lists every published CVE security advisory associated with themeglow. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.