Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Themify — Vulnerabilities & Security Advisories 14

Browse all 14 CVE security advisories affecting Themify. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Top products by Themify:Themify UltraPost Type Builder (PTB)Themify Portfolio PostThemify BuilderThemify Event PostThemify ShortcodesThemify EdminShopoThemify Newsy
CVE IDTitleCVSSSeverityPublished
CVE-2025-30996 WordPress Themify Newsy <= 1.9.9 - Arbitrary File Upload Vulnerability — Themify NewsyCWE-434 9.9 Critical2026-01-06
CVE-2025-31048 WordPress Shopo <= 1.1.4 - Arbitrary File Upload Vulnerability — ShopoCWE-434 9.9 Critical2026-01-05
CVE-2025-31047 WordPress Themify Edmin theme <= 2.0.0 - PHP Object Injection Vulnerability — Themify EdminCWE-502 8.8 High2026-01-05
CVE-2024-43133 WordPress Themify Shortcodes plugin <= 2.1.1 - Cross Site Scripting (XSS) vulnerability — Themify ShortcodesCWE-79 6.5 Medium2024-08-12
CVE-2023-46146 WordPress Themify Ultra theme <= 7.3.5 - Multiple Broken Access Control vulnerability — Themify UltraCWE-862 8.3 High2024-06-19
CVE-2023-46148 WordPress Themify Ultra theme <= 7.3.5 - Authenticated Arbitrary Settings Change vulnerability — Themify UltraCWE-862 8.8 High2024-06-19
CVE-2023-46145 WordPress Themify Ultra theme <= 7.3.5 - Authenticated Privilege Escalation vulnerability — Themify UltraCWE-269 8.8 High2024-05-17
CVE-2024-31366 WordPress Post Type Builder (PTB) plugin <= 2.0.8 - Auth. Arbitrary Post/Page Creation vulnerability — Post Type Builder (PTB)CWE-862 7.1 High2024-04-09
CVE-2024-31365 WordPress Post Type Builder (PTB) plugin < 2.1.1 - Reflected Cross Site Scripting (XSS) vulnerability — Post Type Builder (PTB)CWE-79 7.1 High2024-04-09
CVE-2024-30440 WordPress Themify Event Post plugin <= 1.2.7 - Cross Site Scripting (XSS) vulnerability — Themify Event PostCWE-79 5.9 Medium2024-03-29
CVE-2024-24872 WordPress Themify Builder Plugin <= 7.0.5 is vulnerable to Cross Site Request Forgery (CSRF) — Themify BuilderCWE-352 4.3 Medium2024-02-21
CVE-2023-46149 WordPress Themify Ultra Theme <= 7.3.5 is vulnerable to Arbitrary File Upload — Themify UltraCWE-434 9.9 Critical2023-12-20
CVE-2023-46147 WordPress Themify Ultra Theme <= 7.3.5 is vulnerable to PHP Object Injection — Themify UltraCWE-502 7.4 High2023-12-20
CVE-2022-32970 WordPress Themify Portfolio Post Plugin <= 1.2.4 is vulnerable to Cross Site Scripting (XSS) — Themify Portfolio PostCWE-79 4.1 Medium2023-05-10

This page lists every published CVE security advisory associated with Themify. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.