Browse all 6 CVE security advisories affecting Fave Themes. AI-powered Chinese analysis, POCs, and references for each vulnerability.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2025-1326 | Homey - Booking and Rentals WordPress Theme <= 2.4.4 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Reservation & Post Deletion — HomeyCWE-862 | 4.3 | Medium | 2025-05-02 |
| CVE-2025-1327 | Homey - Booking and Rentals WordPress Theme <= 2.4.4 - Insecure Direct Object Reference to Authenticated (Subscriber+) Arbitrary User Deletion — HomeyCWE-639 | 4.3 | Medium | 2025-05-02 |
| CVE-2025-0748 | Homey <= 2.4.3 - Cross-Site Request Forgery to User Verification — HomeyCWE-352 | 4.3 | Medium | 2025-03-07 |
| CVE-2025-0749 | Homey <= 2.4.3 - Limited Authentication Bypass due to Missing Empty Value Check — HomeyCWE-288 | 8.1 | High | 2025-03-07 |
| CVE-2024-12281 | Homey <= 2.4.2 - Unauthenticated Privilege Escalation in homey_save_profile — HomeyCWE-269 | 9.8 | Critical | 2025-03-05 |
| CVE-2024-11951 | Homey Login Register <= 2.4.0 - Unauthenticated Privilege Escalation in homey_register — Homey Login RegisterCWE-269 | 9.8 | Critical | 2025-03-05 |
This page lists every published CVE security advisory associated with Fave Themes. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.