Browse all 12 CVE security advisories affecting zozothemes. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Zozothemes develops WordPress themes and plugins for website creation, with 12 CVEs recorded primarily involving stored cross-site scripting (XSS) and remote code execution (RCE) vulnerabilities. Historically, their products have frequently contained insufficient input validation and sanitization issues, allowing attackers to execute arbitrary code or inject malicious scripts. While no major public security incidents have been documented, their consistent vulnerability pattern suggests ongoing challenges in secure coding practices. The recurring nature of these flaws indicates a need for improved security testing and code review processes within their development lifecycle.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-68555 | WordPress Nutrie theme < 2.0.1 - Arbitrary File Upload vulnerability — NutrieCWE-434 | 9.9 | Critical | 2026-03-05 |
This page lists every published CVE security advisory associated with zozothemes. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.