Browse all 4 CVE security advisories affecting zootemplate. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Zootemplate is a website template provider offering pre-designed themes for various content management systems. Historically, the platform has been associated with multiple remote code execution vulnerabilities, cross-site scripting flaws, and privilege escalation issues, as evidenced by its four recorded CVEs. These vulnerabilities often stem from insufficient input validation and insecure default configurations. While no major public security incidents have been widely documented, the consistent pattern of vulnerabilities suggests potential risks for organizations using these templates without proper hardening or regular updates. Users should implement security best practices when deploying Zootemplate solutions to mitigate potential exploitation risks.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-58920 | WordPress Cerato theme <= 2.2.18 - Reflected Cross Site Scripting (XSS) vulnerability — CeratoCWE-79 | 7.1 | High | 2026-04-10 |
| CVE-2024-51580 | WordPress Clever Addons for Elementor plugin <= 2.2.1 - Cross Site Scripting (XSS) vulnerability — Clever Addons for ElementorCWE-79 | 6.5 | Medium | 2024-11-10 |
| CVE-2024-10357 | Clever Addons for Elementor <= 2.2.1 - Authenticated (Contributor+) Sensitive Information Exposure via Elementor Templates — Clever Addons for ElementorCWE-200 | 4.3 | Medium | 2024-10-26 |
| CVE-2024-2350 | Clever Addons for Elementor <= 2.1.9 - Authenticated (Contributor+) Stored Cross-Site Scripting via Multiple CAFE Widgets — Clever Addons for ElementorCWE-79 | 6.4 | Medium | 2024-06-06 |
This page lists every published CVE security advisory associated with zootemplate. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.