All 3 CVE vulnerabilities found in PhotoMe, with AI-generated Chinese analysis, references, and POCs.
Vendor: ThemeGoods
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2026-24949 | WordPress PhotoMe theme <= 5.7.1 - Cross Site Scripting (XSS) vulnerability CWE-79 | 6.1AI | MediumAI | 2026-02-20 |
| CVE-2025-69301 | WordPress PhotoMe theme <= 5.6.11 - PHP Object Injection vulnerability CWE-502 | 9.8AI | CriticalAI | 2026-02-20 |
| CVE-2026-24381 | WordPress PhotoMe theme < 5.7.2 - Server Side Request Forgery (SSRF) vulnerability CWE-918 | 5.4 | Medium | 2026-01-22 |
All 3 known CVE vulnerabilities affecting PhotoMe with full Chinese analysis, references, and POCs where available.