Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

ThemeGoods — Vulnerabilities & Security Advisories 44

Browse all 44 CVE security advisories affecting ThemeGoods. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Top products by ThemeGoods:PhotographyGrand RestaurantPhotoMeAltairGrand BlogGrand MagazineGrand TourGrand ConferenceGrand Conference Theme Custom Post TypeCapellaGrand Car RentalGrand PortfolioGrand PhotographyArchitecturerMusicoGrand NewsStartoGrand WeddingGrand SpaGrand Restaurant Theme Elements for ElementorCraftDotLifeHoteller
CVE IDTitleCVSSSeverityPublished
CVE-2026-39635 WordPress Grand Magazine theme <= 3.5.5 - Cross Site Request Forgery (CSRF) vulnerability — Grand MagazineCWE-352 8.8AIHighAI2026-04-08
CVE-2026-39633 WordPress Grand Car Rental theme <= 3.6.9 - Cross Site Request Forgery (CSRF) vulnerability — Grand Car RentalCWE-352 8.8AIHighAI2026-04-08
CVE-2026-39634 WordPress Grand Portfolio theme <= 3.3 - Cross Site Request Forgery (CSRF) vulnerability — Grand PortfolioCWE-352 8.8AIHighAI2026-04-08
CVE-2026-39632 WordPress Grand Blog theme <= 3.1 - Cross Site Request Forgery (CSRF) vulnerability — Grand BlogCWE-352 8.8AIHighAI2026-04-08
CVE-2026-39603 WordPress Grand Photography theme <= 5.7.8 - Cross Site Request Forgery (CSRF) vulnerability — Grand PhotographyCWE-352 8.8AIHighAI2026-04-08
CVE-2026-27043 WordPress Photography theme < 7.7.6 - Arbitrary File Upload vulnerability — PhotographyCWE-434 7.2 High2026-03-19
CVE-2026-27367 WordPress Musico theme < 3.4.5 - Cross Site Scripting (XSS) vulnerability — MusicoCWE-79 7.1 High2026-03-05
CVE-2026-27358 WordPress Architecturer theme < 3.9.5 - Cross Site Scripting (XSS) vulnerability — ArchitecturerCWE-79 7.1 High2026-03-05
CVE-2026-27353 WordPress Grand News | Magazine Newspaper WordPress theme <= 3.4.3 - Reflected Cross Site Scripting (XSS) vulnerability — Grand NewsCWE-79 7.1 High2026-03-05
CVE-2026-27352 WordPress Starto theme < 2.2.5 - Cross Site Scripting (XSS) vulnerability — StartoCWE-79 7.1 High2026-03-05
CVE-2026-27348 WordPress Photography theme < 7.7.6 - Cross Site Scripting (XSS) vulnerability — PhotographyCWE-79 7.1 High2026-03-05
CVE-2026-22417 WordPress Grand Wedding theme < 3.1.11 - PHP Object Injection vulnerability — Grand WeddingCWE-502 9.8 Critical2026-03-05
CVE-2026-24949 WordPress PhotoMe theme <= 5.7.1 - Cross Site Scripting (XSS) vulnerability — PhotoMeCWE-79 7.1 High2026-02-20
CVE-2026-24943 WordPress Grand Conference theme <= 5.3.4 - Reflected Cross Site Scripting (XSS) vulnerability — Grand ConferenceCWE-79 7.1 High2026-02-20
CVE-2025-69370 WordPress Capella theme <= 2.5.5 - PHP Object Injection vulnerability — CapellaCWE-502 9.8 Critical2026-02-20
CVE-2025-69301 WordPress PhotoMe theme <= 5.6.11 - PHP Object Injection vulnerability — PhotoMeCWE-502 9.8 Critical2026-02-20
CVE-2026-23542 WordPress Grand Restaurant theme <= 7.0.10 - PHP Object Injection vulnerability — Grand RestaurantCWE-502 9.8 Critical2026-02-19
CVE-2026-24961 WordPress Grand Blog theme < 3.1.5 - Server Side Request Forgery (SSRF) vulnerability — Grand BlogCWE-918 5.4 Medium2026-02-03
CVE-2026-24381 WordPress PhotoMe theme < 5.7.2 - Server Side Request Forgery (SSRF) vulnerability — PhotoMeCWE-918 5.4 Medium2026-01-22
CVE-2025-69321 WordPress Grand Spa theme <= 3.5.5 - Reflected Cross Site Scripting (XSS) vulnerability — Grand SpaCWE-79 7.1 High2026-01-22
CVE-2025-69320 WordPress Grand Magazine theme <= 3.5.7 - Reflected Cross Site Scripting (XSS) vulnerability — Grand MagazineCWE-79 7.1 High2026-01-22
CVE-2025-68538 WordPress Craft | Coffee Shop Cafe Restaurant WordPress theme <= 2.3.6 - Reflected Cross Site Scripting (XSS) vulnerability — CraftCWE-79 7.1 High2026-01-22
CVE-2025-68520 WordPress DotLife theme < 4.9.5 - Reflected Cross Site Scripting (XSS) vulnerability — DotLifeCWE-79 7.1 High2026-01-22
CVE-2025-68518 WordPress Hoteller theme < 6.8.9 - Reflected Cross Site Scripting (XSS) vulnerability — HotellerCWE-79 7.1 High2026-01-22
CVE-2025-68510 WordPress Photography theme < 7.7.5 - Local File Inclusion vulnerability — PhotographyCWE-98 8.1 High2026-01-22
CVE-2025-67952 WordPress Grand Tour theme < 5.6.2 - Cross Site Scripting (XSS) vulnerability — Grand TourCWE-79 7.1 High2026-01-22
CVE-2025-63026 WordPress Grand Restaurant Theme Elements for Elementor plugin <= 2.1.1 - Cross Site Scripting (XSS) vulnerability — Grand Restaurant Theme Elements for ElementorCWE-79 6.5 Medium2026-01-22
CVE-2025-67922 WordPress Grand Restaurant theme < 7.0.9 - Cross Site Scripting (XSS) vulnerability — Grand RestaurantCWE-79 7.1 High2026-01-08
CVE-2025-64217 WordPress Photography theme <= 7.7.2 - Cross Site Scripting (XSS) vulnerability — PhotographyCWE-79 7.1 High2025-12-18
CVE-2025-64224 WordPress Grand Conference Theme Custom Post Type plugin < 2.6.4 - Cross Site Scripting (XSS) vulnerability — Grand Conference Theme Custom Post TypeCWE-79 7.1 High2025-11-06

This page lists every published CVE security advisory associated with ThemeGoods. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.