Support Us — Your donation helps us keep running

Goal: 1000 CNY,Raised: 1000 CNY

100.0%
Donate Now

RexTheme — Vulnerabilities & Security Advisories 11

Browse all 11 CVE security advisories affecting RexTheme. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Top 10 Products RexTheme:WP VRWP VR – 360 Panorama and Free Virtual Tour Builder For WordPressWP VR – 360 Panorama and Virtual Tour Builder For WordPressCart Lift – Abandoned Cart Recovery for WooCommerce and EDDProduct Feed Manager
CVE IDTitleCVSSSeverityPaused
CVE-2025-62885 WordPress WP VR plugin <= 8.5.48 - Cross Site Scripting (XSS) vulnerability — WP VRCWE-79 6.1AIMediumAI2025-10-27
CVE-2025-12005 WP VR – 360 Panorama and Free Virtual Tour Builder For WordPress <= 8.5.41 - Improper Authorization to Authenticated (Contributor+) Plugin Settings Update — WP VR – 360 Panorama and Free Virtual Tour Builder For WordPressCWE-285 4.3 Medium2025-10-25
CVE-2025-6350 WP VR – 360 Panorama and Free Virtual Tour Builder For WordPress <= 8.5.32 - Authenticated (Contributor+) Stored Cross-Site Scripting — WP VR – 360 Panorama and Free Virtual Tour Builder For WordPressCWE-79 6.4 Medium2025-06-28
CVE-2025-47452 WordPress WP VR plugin <= 8.5.26 - Arbitrary File Upload Vulnerability — WP VRCWE-434 9.9 Critical2025-06-17
CVE-2025-24730 WordPress WP VR plugin <= 8.5.14 - Cross Site Scripting (XSS) vulnerability — WP VRCWE-79 6.5 Medium2025-01-24
CVE-2024-49680 WordPress WP VR plugin <= 8.5.5 - Broken Access Control vulnerability — WP VRCWE-862 4.3 Medium2024-11-19
CVE-2024-49293 WordPress WP VR plugin <= 8.5.4 - Broken Access Control vulnerability — WP VRCWE-862 4.3 Medium2024-10-21
CVE-2023-52144 WordPress Product Feed Manager plugin <= 7.3.15 - Directory Traversal vulnerability — Product Feed ManagerCWE-22 5.5 Medium2024-04-15
CVE-2023-40663 WordPress WP VR Plugin <= 8.3.4 is vulnerable to Cross Site Scripting (XSS) — WP VRCWE-79 7.1 High2023-09-27
CVE-2022-47449 WordPress Cart Lift – Abandoned Cart Recovery for WooCommerce and EDD Plugin <= 3.1.5 is vulnerable to Cross Site Scripting (XSS) — Cart Lift – Abandoned Cart Recovery for WooCommerce and EDDCWE-79 7.1 High2023-05-04
CVE-2023-25708 WordPress WP VR – 360 Panorama and Virtual Tour Builder For WordPress Plugin <= 8.2.7 is vulnerable to Cross Site Request Forgery (CSRF) — WP VR – 360 Panorama and Virtual Tour Builder For WordPressCWE-352 4.3 Medium2023-03-15

This page lists every published CVE security advisory associated with RexTheme. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.