Browse all 5 CVE security advisories affecting xplodedthemes. AI-powered Chinese analysis, POCs, and references for each vulnerability.
XplodedThemes develops WordPress themes and plugins, primarily for website customization and functionality. Historically, their products have frequently contained vulnerabilities including remote code execution (RCE), cross-site scripting (XSS), and privilege escalation flaws, often stemming from insufficient input validation and improper access controls. The company has accumulated five CVEs to date, with security researchers consistently identifying similar patterns of insecure coding practices across their offerings. While no major public security incidents have been widely reported, the recurring nature of these vulnerabilities suggests systemic security weaknesses in their development processes, potentially exposing users to significant risks if proper hardening measures are not implemented.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2024-9546 | WPIDE <= 3.4.9 - Unauthenticated Full Path Dislcosure — WPIDE – File Manager & Code EditorCWE-200 | 5.3 | Medium | 2024-10-14 |
This page lists every published CVE security advisory associated with xplodedthemes. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.