Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

ThemeMakers — Vulnerabilities & Security Advisories 9

Browse all 9 CVE security advisories affecting ThemeMakers. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Top products by ThemeMakers:Car Dealer Automotive WordPress Theme – ResponsiveCar DealerThemeMakers PayPal Express CheckoutThemeMakers Stripe CheckoutThemeMakers Visual Content Composer
CVE IDTitleCVSSSeverityPublished
CVE-2026-24391 WordPress Car Dealer theme <= 1.6.7 - Reflected Cross Site Scripting (XSS) vulnerability — Car DealerCWE-79 7.1 High2026-03-25
CVE-2025-53299 WordPress ThemeMakers Visual Content Composer Plugin <= 1.5.8 - PHP Object Injection Vulnerability — ThemeMakers Visual Content ComposerCWE-502 9.8 Critical2025-08-20
CVE-2025-39480 WordPress Car Dealer theme < 1.6.8 - PHP Object Injection vulnerability — Car DealerCWE-502 9.8 Critical2025-05-23
CVE-2025-1687 Cardealer <= 1.6.4 - Cross-Site Request Forgery to User Update via update_user_profile — Car Dealer Automotive WordPress Theme – ResponsiveCWE-352 8.8 High2025-02-27
CVE-2025-1681 Cardealer <= 1.6.4 - Missing Authorization to Authenticated (Subscriber+) Change and Delete JS and CSS Files — Car Dealer Automotive WordPress Theme – ResponsiveCWE-862 5.4 Medium2025-02-27
CVE-2025-1682 Cardealer <= 1.6.4 - Arbitrary Theme Option Update to Authenticated (Subscriber+) Privilege Escalation — Car Dealer Automotive WordPress Theme – ResponsiveCWE-862 8.8 High2025-02-27
CVE-2025-1690 ThemeMakers Stripe Checkout <= 1.0.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode — ThemeMakers Stripe CheckoutCWE-79 6.4 Medium2025-02-27
CVE-2025-1282 Car Dealer Automotive WordPress Theme – Responsive <= 1.6.3 - Authenticated (Subscriber+) Arbitrary File Deletion and Read — Car Dealer Automotive WordPress Theme – ResponsiveCWE-22 8.8 High2025-02-27
CVE-2025-1689 ThemeMakers PayPal Express Checkout <= 1.1.9 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode — ThemeMakers PayPal Express CheckoutCWE-79 6.4 Medium2025-02-27

This page lists every published CVE security advisory associated with ThemeMakers. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.