themegrill — Vulnerabilities & Security Advisories 13

Browse all 13 CVE security advisories affecting themegrill. AI-powered Chinese analysis, POCs, and references for each vulnerability.

| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2026-40730 | WordPress ThemeGrill Demo Importer plugin <= 2.0.0.6 - Broken Access Control vulnerability — ThemeGrill Demo Importer (CWE-862) | 9.1 | - | 2026-04-15 |
| CVE-2025-9331 | Spacious <= 1.9.11 - Missing Authorization to Authenticated (Subscriber+) Demo Data Import — Spacious (CWE-862) | 4.3 | Medium | 2025-08-22 |
| CVE-2025-9202 | ColorMag <= 4.0.19 - Missing Authorization to Authenticated (Subscriber+) ThemeGrill Demo Importer Plugin Installation — ColorMag (CWE-862) | 4.3 | Medium | 2025-08-20 |
| CVE-2025-8595 | Zakra <= 4.1.5 - Missing Authorization to Subscriber+ Demo Import — Zakra (CWE-862) | 4.3 | Medium | 2025-08-06 |
| CVE-2020-36837 | ThemeGrill Demo Importer 1.3.4 - 1.6.1 - Authorization Bypass to Site Reset — ThemeGrill Demo Importer (CWE-862) | 9.9 | Critical | 2024-10-16 |
| CVE-2024-39629 | WordPress Himalayas theme <= 1.3.2 - Cross Site Scripting (XSS) vulnerability — Himalayas (CWE-79) | 5.9 | Medium | 2024-08-01 |
| CVE-2024-37432 | WordPress Esteem theme <= 1.5.0 - Cross Site Scripting (XSS) vulnerability — Esteem (CWE-79) | 7.1 | High | 2024-07-22 |
| CVE-2024-34571 | WordPress Himalayas theme <= 1.3.0 - Cross Site Scripting (XSS) vulnerability — Himalayas (CWE-79) | 6.5 | Medium | 2024-05-08 |
| CVE-2024-33540 | WordPress ColorNews theme <= 1.2.6 - Cross Site Scripting (XSS) vulnerability — ColorNews (CWE-79) | 6.5 | Medium | 2024-04-29 |
| CVE-2024-2500 | ColorMag <= 3.1.6 - Authenticated (Contributor+) Stored Cross-Site Scripting via Display Name — ColorMag (CWE-79) | 6.4 | Medium | 2024-03-22 |
| CVE-2024-1462 | Maintenance Page <= 1.0.8 - Security Mechanism Bypass via REST API — Maintenance Page (CWE-284) | 5.3 | Medium | 2024-03-13 |
| CVE-2024-1370 | Maintenance Page <= 1.0.8 - Missing Authorization to Sensitive Information Exposure — Maintenance Page (CWE-284) | 5.3 | Medium | 2024-03-13 |
| CVE-2024-0679 | ColorMag <= 3.1.2 - Missing Authorization to Arbitrary Plugin Installation — ColorMag (CWE-862) | 6.5 | Medium | 2024-01-20 |

This page lists every published CVE security advisory associated with themegrill. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.