Browse all 4 CVE security advisories affecting themehorse. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Themehorse is a WordPress theme provider offering templates for websites, blogs, and business portfolios. Historically, their themes have been associated with multiple security vulnerabilities, including cross-site scripting (XSS), remote code execution (RCE), and privilege escalation issues. These vulnerabilities often stem from insufficient input validation and improper permission handling. With four CVEs on record, Themehorse's security track record has been inconsistent, though no major public security incidents have been widely reported. Users should implement regular updates and security hardening measures when using their themes to mitigate potential risks.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2024-50434 | WordPress NewsCard theme <= 1.3 - Local File Inclusion vulnerability — NewsCardCWE-98 | 7.5 | High | 2024-10-28 |
| CVE-2024-50435 | WordPress Meta News theme <= 1.1.7 - Local File Inclusion vulnerability — Meta NewsCWE-98 | 7.5 | High | 2024-10-28 |
| CVE-2024-50436 | WordPress Clean Retina theme <= 3.0.6 - Local File Inclusion vulnerability — Clean RetinaCWE-98 | 7.5 | High | 2024-10-28 |
| CVE-2024-49701 | WordPress Mags theme <= 1.1.6 - Local File Inclusion vulnerability — MagsCWE-98 | 7.5 | High | 2024-10-23 |
This page lists every published CVE security advisory associated with themehorse. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.