Browse all 6 CVE security advisories affecting themeglow. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Themeglow develops event management and ticketing platforms used by organizations worldwide. Historically, the software has been susceptible to multiple remote code execution vulnerabilities, cross-site scripting flaws, and privilege escalation issues, with six CVEs documented. Security researchers have identified input validation weaknesses and improper access controls as recurring problems. While no major public security incidents have been widely reported, the consistent pattern of vulnerabilities suggests potential risks for unpatched deployments. Organizations using Themeglow should prioritize timely updates and implement additional security controls to mitigate exploitation risks.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-68855 | WordPress JobBoard Job listing plugin <= 1.2.8 - Sensitive Data Exposure vulnerability — JobBoard Job listingCWE-201 | 5.9 | Medium | 2026-02-20 |
| CVE-2025-31834 | WordPress JobBoard Job listing plugin Plugin <= 1.2.8 - Broken Access Control vulnerability — JobBoard Job listingCWE-862 | 5.3 | Medium | 2025-04-01 |
| CVE-2025-31833 | WordPress JobBoard Job listing plugin Plugin <= 1.2.8 - Insecure Direct Object References (IDOR) vulnerability — JobBoard Job listingCWE-639 | 4.9 | Medium | 2025-04-01 |
| CVE-2024-43243 | WordPress JobBoard Job listing plugin <= 1.2.6 - Arbitrary File Upload vulnerability — JobBoard Job listingCWE-434 | 10.0 | Critical | 2025-01-07 |
This page lists every published CVE security advisory associated with themeglow. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.