BoomBox Theme Extensions — Vulnerabilities & Security Advisories 2

All 2 CVE vulnerabilities found in BoomBox Theme Extensions, with AI-generated Chinese analysis, references, and POCs.

CVE ID	Title	CVSS	Severity	Published
CVE-2024-12295	BoomBox Theme Extensions <= 1.8.0 - Authenticated (Subscriber+) Privilege Escalation via Password Reset/Account Takeover in boombox_ajax_reset_password CWE-640	8.8	High	2025-03-19
CVE-2024-12859	BoomBox Theme Extensions <= 1.8.0 - Authenticated (Contributor+) Local File Inclusion via Shortcode CWE-98	8.8	High	2025-02-03

All 2 known CVE vulnerabilities affecting BoomBox Theme Extensions with full Chinese analysis, references, and POCs where available.