Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

ThemeHigh — Vulnerabilities & Security Advisories 11

Browse all 11 CVE security advisories affecting ThemeHigh. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Top products by ThemeHigh:Payment Gateway of Stripe for WooCommerceCheckout Field Editor (Checkout Manager) for WooCommerceAdvanced FAQ ManagerJob Manager & Career – Manage job board listings, and recruitmentsEmail Customizer for WooCommerceCheckout Field Editor for WooCommerce (Pro)Dynamic Pricing and Discount RulesEmail Customizer for WooCommerce | Drag and Drop Email Templates Builder
CVE IDTitleCVSSSeverityPublished
CVE-2026-3231 Checkout Field Editor (Checkout Manager) for WooCommerce <= 2.1.7 - Unauthenticated Stored Cross-Site Scripting via Block Checkout Custom Radio Field — Checkout Field Editor (Checkout Manager) for WooCommerceCWE-79 7.2 High2026-03-11
CVE-2025-13974 Email Customizer for WooCommerce | Drag and Drop Email Templates Builder <= 2.6.7 - Authenticated (Administrator+) Stored Cross-Site Scripting via Email Template Content — Email Customizer for WooCommerce | Drag and Drop Email Templates BuilderCWE-79 4.4 Medium2026-01-07
CVE-2025-67556 WordPress Advanced FAQ Manager plugin <= 1.5.2 - Cross Site Scripting (XSS) vulnerability — Advanced FAQ ManagerCWE-79 5.4AIMediumAI2025-12-09
CVE-2025-67553 WordPress Advanced FAQ Manager plugin <= 1.5.2 - Cross Site Scripting (XSS) vulnerability — Advanced FAQ ManagerCWE-79 6.1AIMediumAI2025-12-09
CVE-2025-49077 WordPress Dynamic Pricing and Discount Rules plugin <= 2.2.9 - Cross Site Request Forgery (CSRF) vulnerability — Dynamic Pricing and Discount RulesCWE-352 4.3 Medium2025-06-06
CVE-2024-8499 Checkout Field Editor (Checkout Manager) for WooCommerce <= 2.0.3 - Reflected Cross-Site Scripting via render_review_request_notice — Checkout Field Editor (Checkout Manager) for WooCommerceCWE-79 4.7 Medium2024-10-04
CVE-2024-35658 WordPress Checkout Field Editor for WooCommerce (Pro) plugin <= 3.6.2 - Unauthenticated Arbitrary File Deletion vulnerability — Checkout Field Editor for WooCommerce (Pro)CWE-22 8.6 High2024-06-10
CVE-2024-32781 WordPress Email Customizer for WooCommerce plugin <= 2.6.0 - Sensitive Data Exposure vulnerability — Email Customizer for WooCommerceCWE-200 7.5 High2024-04-24
CVE-2024-0705 Stripe Payment Plugin for WooCommerce <= 3.7.9 - Unauthenticated SQL Injection — Payment Gateway of Stripe for WooCommerceCWE-89 9.8 Critical2024-01-19
CVE-2023-51545 WordPress Job Manager & Career Plugin <= 1.4.4 is vulnerable to Cross Site Request Forgery (CSRF) leading to PHP Object Injection — Job Manager & Career – Manage job board listings, and recruitmentsCWE-352 9.6 Critical2023-12-29
CVE-2023-3162 Stripe Payment Plugin for WooCommerce <= 3.7.7 - Authentication Bypass — Payment Gateway of Stripe for WooCommerceCWE-288 9.8 Critical2023-08-31

This page lists every published CVE security advisory associated with ThemeHigh. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.