Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

ThemeLocation — Vulnerabilities & Security Advisories 8

Browse all 8 CVE security advisories affecting ThemeLocation. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Top products by ThemeLocation:Custom WooCommerce Checkout Fields EditorRemove Add to Cart WooCommerceWoo Products Widgets For ElementorChange Cart button Colors WooCommerceWP Popup Magic
CVE IDTitleCVSSSeverityPublished
CVE-2025-13900 WP Popup Magic <= 1.0.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'name' Shortcode Attribute — WP Popup MagicCWE-79 6.4 Medium2026-01-09
CVE-2025-58799 WordPress Custom WooCommerce Checkout Fields Editor Plugin <= 1.3.4 - Cross Site Request Forgery (CSRF) Vulnerability — Custom WooCommerce Checkout Fields EditorCWE-352 4.3 Medium2025-09-05
CVE-2025-52783 WordPress Change Cart button Colors WooCommerce plugin <= 1.0 - Cross Site Request Forgery (CSRF) Vulnerability — Change Cart button Colors WooCommerceCWE-352 7.1 High2025-06-20
CVE-2024-43271 WordPress Widgets for WooCommerce Products on Elementor plugin <= 2.0.0 - Local File Inclusion vulnerability — Woo Products Widgets For ElementorCWE-22 8.5 High2024-08-19
CVE-2024-33956 WordPress Custom WooCommerce Checkout Fields Editor plugin <= 1.3.0 - Broken Access Control vulnerability — Custom WooCommerce Checkout Fields EditorCWE-862 4.3 Medium2024-05-02
CVE-2024-30518 WordPress Custom WooCommerce Checkout Fields Editor plugin <= 1.3.0 - Cross Site Request Forgery (CSRF) vulnerability — Custom WooCommerce Checkout Fields EditorCWE-352 4.3 Medium2024-03-29
CVE-2024-1697 Custom WooCommerce Checkout Fields Editor <= 1.3.1 - Authenticated (Subscriber+) Stored Cross-Site Scripting — Custom WooCommerce Checkout Fields EditorCWE-79 6.4 Medium2024-03-23
CVE-2023-46629 WordPress Remove Add to Cart WooCommerce Plugin <= 1.4.4 is vulnerable to Cross Site Request Forgery (CSRF) — Remove Add to Cart WooCommerceCWE-352 4.3 Medium2023-11-13

This page lists every published CVE security advisory associated with ThemeLocation. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.