Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

zozothemes — Vulnerabilities & Security Advisories 12

Browse all 12 CVE security advisories affecting zozothemes. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Zozothemes develops WordPress themes and plugins for website creation, with 12 CVEs recorded primarily involving stored cross-site scripting (XSS) and remote code execution (RCE) vulnerabilities. Historically, their products have frequently contained insufficient input validation and sanitization issues, allowing attackers to execute arbitrary code or inject malicious scripts. While no major public security incidents have been documented, their consistent vulnerability pattern suggests ongoing challenges in secure coding practices. The recurring nature of these flaws indicates a need for improved security testing and code review processes within their development lifecycle.

Top products by zozothemes: Corpkit Miion Zegen - Church WordPress Theme Zegen Zegen Core Wiguard Charety Lendiz Nutrie Keenarch
CVE IDTitleCVSSSeverityPublished
CVE-2026-24960 WordPress Charety theme < 2.0.2 - Arbitrary File Upload vulnerability — CharetyCWE-434 9.9 Critical2026-03-05
CVE-2025-68553 WordPress Lendiz theme < 2.0.1 - Arbitrary File Upload vulnerability — LendizCWE-434 9.9 Critical2026-03-05
CVE-2025-68555 WordPress Nutrie theme < 2.0.1 - Arbitrary File Upload vulnerability — NutrieCWE-434 9.9 Critical2026-03-05
CVE-2025-68554 WordPress Keenarch theme < 2.0.1 - Arbitrary File Upload vulnerability — KeenarchCWE-434 9.9 Critical2026-03-05
CVE-2025-68549 WordPress Wiguard theme < 2.0.1 - Arbitrary File Upload vulnerability — WiguardCWE-434 9.9 Critical2026-02-20
CVE-2025-68986 WordPress Miion theme <= 1.2.7 - Arbitrary File Upload vulnerability — MiionCWE-434 9.9 Critical2026-01-22
CVE-2025-68913 WordPress Miion theme <= 1.2.7 - Local File Inclusion vulnerability — MiionCWE-98 7.5 High2026-01-22
CVE-2025-67925 WordPress Corpkit theme <= 2.0 - Local File Inclusion vulnerability — CorpkitCWE-98 7.5 High2026-01-08
CVE-2025-67924 WordPress Corpkit theme <= 2.0 - Arbitrary File Upload vulnerability — CorpkitCWE-434 9.9 Critical2026-01-08
CVE-2025-11087 Zegen Core <= 2.0.1 - Cross-Site Request Forgery to Arbitrary File Upload — Zegen CoreCWE-352 8.8 High2025-11-21
CVE-2025-53252 WordPress Zegen Theme <= 1.1.9 - Local File Inclusion Vulnerability — ZegenCWE-98 7.5 High2025-11-06
CVE-2025-2289 Zegen - Church WordPress Theme <= 1.1.9 - Missing Authorization to Authenticated (Subscriber+) Theme Options Updates — Zegen - Church WordPress ThemeCWE-862 4.3 Medium2025-03-14

This page lists every published CVE security advisory associated with zozothemes. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.