Browse all 3 CVE security advisories affecting themesawesome. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Themesawesome is a WordPress theme provider focused on offering customizable templates for websites. Historically, the project has been associated with multiple critical vulnerabilities, including remote code execution (RCE), cross-site scripting (XSS), and privilege escalation issues. These vulnerabilities often stem from insufficient input validation and improper permission checks. The three CVEs recorded for Themesawesome highlight ongoing security concerns, particularly in areas of file handling and user access controls. While no major public security incidents have been widely documented, the pattern of vulnerabilities suggests a need for improved security practices in theme development and regular security audits.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-62150 | WordPress History Timeline plugin <= 1.0.6 - Broken Access Control vulnerability — History TimelineCWE-862 | 4.3 | Medium | 2025-12-31 |
| CVE-2024-13647 | School Management System – SakolaWP <= 1.0.8 - Cross-Site Request Forgery to Exam Setting Manipulation — School Management System – SakolaWPCWE-352 | 4.3 | Medium | 2025-02-27 |
| CVE-2024-12470 | School Management System – SakolaWP <= 1.0.8 - Unauthenticated Privilege Escalation — School Management System – SakolaWPCWE-266 | 9.8 | Critical | 2025-01-07 |
This page lists every published CVE security advisory associated with themesawesome. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.