ThemeAtelier — Vulnerabilities & Security Advisories (12)

Browse all 12 CVE security advisories affecting ThemeAtelier. AI-powered Chinese analysis, POCs, and references for each vulnerability.

| CVE ID | Title | Product | CWE | CVSS | Severity | Published |
|---|---|---|---|---|---|---|
| CVE-2025-4521 | IDonate 2.1.5 - 2.1.9 - Missing Authorization to Authenticated (Subscriber+) Account Takeover/Privilege Escalation via idonate_donor_profile Function | IDonate – Blood Donation, Request And Donor Management System | CWE-285 | 8.8 | High | 2026-02-19 |
| CVE-2025-60045 | WordPress IDonatePro plugin <= 2.1.11 - Broken Access Control vulnerability | IDonatePro | CWE-862 | 6.5 (AI) | Medium (AI) | 2025-12-18 |
| CVE-2025-58938 | WordPress IDonatePro plugin <= 2.1.9 - Broken Access Control vulnerability | IDonatePro | CWE-862 | 7.5 | High | 2025-12-18 |
| CVE-2025-66113 | WordPress Better Chat Support for Messenger plugin <= 1.2.18 - Broken Access Control vulnerability | Better Chat Support for Messenger | CWE-862 | 5.3 | Medium | 2025-11-21 |
| CVE-2025-66099 | WordPress Chat Help plugin <= 3.1.3 - Broken Access Control vulnerability | Chat Help | CWE-862 | 8.2 | - | 2025-11-21 |
| CVE-2025-4522 | IDonate 2.0.0 - 2.1.9 - Insecure Direct Object Reference to Authenticated (Subscriber+) Arbitrary User Deletion via admin_post_donor_delete Function | IDonate – Blood Donation, Request And Donor Management System | CWE-862 | 6.5 | Medium | 2025-11-07 |
| CVE-2025-4519 | IDonate 2.1.5 - 2.1.9 - Missing Authorization to Authenticated (Subscriber+) Account Takeover/Privilege Escalation via idonate_donor_password Function | IDonate – Blood Donation, Request And Donor Management System | CWE-285 | 8.8 | High | 2025-11-07 |
| CVE-2025-52752 | WordPress IDonatePro plugin <= 2.1.9 - Sensitive Data Exposure vulnerability | IDonatePro | CWE-497 | 4.9 (AI) | Medium (AI) | 2025-10-22 |
| CVE-2025-30635 | WordPress IDonatePro <= 2.1.9 - Local File Inclusion Vulnerability | IDonatePro | CWE-98 | 8.1 | High | 2025-08-14 |
| CVE-2025-30639 | WordPress IDonatePro Plugin <= 2.1.9 - Broken Access Control Vulnerability | IDonatePro | CWE-862 | 7.5 | High | 2025-08-14 |
| CVE-2025-4523 | IDonate 2.0.0 - 2.1.9 - Missing Authorization to Authenticated (Subscriber+) Sensitive Information Disclosure via admin_donor_profile_view Function | IDonate – Blood Donation, Request And Donor Management System | CWE-200 | 6.5 | Medium | 2025-08-01 |
| CVE-2025-5239 | Domain For Sale <= 3.0.10 - Authenticated (Contributor+) Stored Cross-Site Scripting via class_name Parameter | Domain For Sale – Sell Domains with Landing Pages, Offers & Inquiries | CWE-79 | 6.4 | Medium | 2025-06-06 |

This page lists every published CVE security advisory associated with ThemeAtelier. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.