g5theme — Vulnerabilities & Security Advisories 33

Browse all 33 CVE security advisories affecting g5theme. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Top products by g5theme:Essential Real Estate Ultimate Bootstrap Elements for Elementor Grid Plus – Unlimited grid layout Benaa Framework Grid Plus Zorka Handmade Framework ERE Recently Viewed – Essential Real Estate Add-On Darna Framework Wolverine Framework Book Previewer for Woocommerce G5Plus April

CVE ID	Title	CVSS	Severity	Published
CVE-2026-39714	WordPress G5Plus April theme <= 6.8 - Broken Access Control vulnerability — G5Plus AprilCWE-862	8.1^AI	High^AI	2026-04-08
CVE-2026-39668	WordPress Book Previewer for Woocommerce plugin <= 1.0.6 - Broken Access Control vulnerability — Book Previewer for WoocommerceCWE-862	8.1^AI	High^AI	2026-04-08
CVE-2026-27087	WordPress Wolverine Framework plugin <= 1.9 - Reflected Cross Site Scripting (XSS) vulnerability — Wolverine FrameworkCWE-79	7.1	High	2026-03-25
CVE-2026-27088	WordPress Darna Framework plugin <= 2.9 - Reflected Cross Site Scripting (XSS) vulnerability — Darna FrameworkCWE-79	7.1	High	2026-03-25
CVE-2026-22520	WordPress Handmade Framework plugin <= 3.9 - Reflected Cross Site Scripting (XSS) vulnerability — Handmade FrameworkCWE-79	7.1	High	2026-03-25
CVE-2025-69096	WordPress Zorka theme <= 1.5.7 - Reflected Cross Site Scripting (XSS) vulnerability — ZorkaCWE-79	7.1	High	2026-03-25
CVE-2026-22521	WordPress Handmade Framework plugin <= 3.9 - Local File Inclusion vulnerability — Handmade FrameworkCWE-98	7.5	High	2026-01-08
CVE-2026-0676	WordPress Zorka theme <= 1.5.7 - Broken Access Control vulnerability — ZorkaCWE-862	5.3	Medium	2026-01-08
CVE-2025-68071	WordPress Essential Real Estate plugin <= 5.3.2 - Insecure Direct Object References (IDOR) vulnerability — Essential Real EstateCWE-639	6.5	Medium	2025-12-16
CVE-2025-66127	WordPress Essential Real Estate plugin <= 5.3.2 - Broken Access Control vulnerability — Essential Real EstateCWE-862	5.3	Medium	2025-12-16
CVE-2025-53352	WordPress Grid Plus plugin <= 3.3 - Cross Site Scripting (XSS) vulnerability — Grid PlusCWE-79	7.1	High	2025-10-22
CVE-2025-48126	WordPress Essential Real Estate plugin <= 5.3.2 - Local File Inclusion vulnerability — Essential Real EstateCWE-98	8.1	High	2025-06-09
CVE-2024-13418	Smart Framework <= Multiple Plugins - Authenticated (Subscriber+) Arbitrary File Upload — Benaa FrameworkCWE-434	8.8	High	2025-05-02
CVE-2024-13420	Smart Framework <= Multiple Plugins - Missing Authorization to Authenticated (Subscriber+) Settings Updates — Benaa FrameworkCWE-94	4.3	Medium	2025-05-02
CVE-2024-13419	Smart Framework <= Multiple Plugins - Missing Authorization to Authenticated (Subscriber+) Stored Cross-Site Scripting — Benaa FrameworkCWE-862	6.4	Medium	2025-05-02
CVE-2025-32672	WordPress Ultimate Bootstrap Elements for Elementor plugin <= 1.4.9 - Local File Inclusion Vulnerability — Ultimate Bootstrap Elements for ElementorCWE-98	8.1	High	2025-04-11
CVE-2025-30849	WordPress Essential Real Estate plugin <= 5.2.0 - Local File Inclusion Vulnerability — Essential Real EstateCWE-98	8.1	High	2025-04-01
CVE-2025-24698	WordPress Essential Real Estate plugin <= 5.1.8 - Cross Site Request Forgery (CSRF) vulnerability — Essential Real EstateCWE-352	4.3	Medium	2025-01-24
CVE-2023-34014	WordPress Grid Plus plugin <= 1.3.2 - Broken Access Control vulnerability — Grid PlusCWE-862	5.4	Medium	2024-12-13
CVE-2024-12329	Essential Real Estate <= 5.1.6 - Missing Authorization to Authenticated (Contributor+) Information Exposure — Essential Real EstateCWE-200	4.3	Medium	2024-12-12
CVE-2024-10910	Grid Plus – Unlimited grid layout <= 1.3.5 - Unauthenticated Arbitrary Shortcode Execution via grid_plus_load_by_category — Grid Plus – Unlimited grid layoutCWE-94	7.3	High	2024-12-12
CVE-2024-10329	Ultimate Bootstrap Elements for Elementor <= 1.4.6 - Authenticated (Contributor+) Sensitive Information Exposure — Ultimate Bootstrap Elements for ElementorCWE-200	4.3	Medium	2024-11-05
CVE-2024-43140	WordPress Ultimate Bootstrap Elements for Elementor plugin <= 1.4.4 - Local File Inclusion vulnerability — Ultimate Bootstrap Elements for ElementorCWE-22	7.5	High	2024-08-13
CVE-2024-37462	WordPress Ultimate Bootstrap Elements for Elementor plugin <= 1.4.2 - Local File Inclusion vulnerability — Ultimate Bootstrap Elements for ElementorCWE-22	8.5	High	2024-07-09
CVE-2024-4273	Essential Real Estate <= 4.4.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode — Essential Real EstateCWE-79	6.4	Medium	2024-06-04
CVE-2024-4274	Essential Real Estate <= 4.4.2 - Insecure Direct Object Reference to Arbitrary Attachment Deletion — Essential Real EstateCWE-639	4.3	Medium	2024-06-04
CVE-2024-2132	Ultimate Bootstrap Elements for Elementor <= 1.4.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via Image Widget — Ultimate Bootstrap Elements for ElementorCWE-79	6.4	Medium	2024-04-06
CVE-2024-1398	Ultimate Bootstrap Elements for Elementor <= 1.3.6 - Authenticated (Contributor+) Stored Cross-Site Scripting — Ultimate Bootstrap Elements for ElementorCWE-79	6.4	Medium	2024-03-02
CVE-2024-24797	WordPress ERE Recently Viewed Plugin <= 1.3 is vulnerable to PHP Object Injection — ERE Recently Viewed – Essential Real Estate Add-OnCWE-502	9.8	Critical	2024-02-12
CVE-2023-6827	Essential Real Estate <= 4.3.5 - Authenticated (Subscriber+) Arbitrary File Upload — Essential Real EstateCWE-434	7.5	High	2023-12-15

This page lists every published CVE security advisory associated with g5theme. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.

Goal Reached Thanks to every supporter — we hit 100%!

g5theme — Vulnerabilities & Security Advisories 33