Vulnerabilities in ThemeREX

184 results

Vexday analysis

Com 183 CVEs catalogadas e 58 surgidas nos últimos 90 dias, o volume recente de vulnerabilidades nos produtos ThemeREX indica um ritmo elevado de descobertas que merece atenção contínua. Das falhas mapeadas, 24 são classificadas como críticas, embora nenhuma conste no catálogo CISA KEV — taxa abaixo da média geral do catálogo —, e nenhuma possua PoC pública conhecida, o que reduz o risco imediato de exploração em massa. O tipo de falha mais comum é CWE-98 (Remote File Inclusion), categoria que, quando explorada, pode permitir execução remota de código e comprometimento integral de instâncias afetadas. A CVE mais perigosa ativa no momento, CVE-2024-13448, apresenta EPSS de 0,0088, sugerindo baixa probabilidade de exploração ativa no curto prazo, mas o padrão estrutural de falhas de inclusão remota recomenda priorização de correções e revisão de configurações de servidor em ambientes que utilizem temas ou plugins desse vendor.

CVE-2025-69144HIGHWordPress Preservation theme <= 1.10 - Local File Inclusion vulnerabilityEPSS 0.3%CVE-2025-69158HIGHWordPress Granola theme <= 1.13 - Local File Inclusion vulnerabilityEPSS 0.3%CVE-2025-69141HIGHWordPress Kelly Young theme <= 1.1.0 - Local File Inclusion vulnerabilityEPSS 0.3%CVE-2025-69161HIGHWordPress Snowy theme <= 1.13 - Local File Inclusion vulnerabilityEPSS 0.3%CVE-2025-69164HIGHWordPress Skyward theme <= 1.10 - Local File Inclusion vulnerabilityEPSS 0.3%CVE-2025-69123HIGHWordPress Snow Club theme <= 1.1 - Local File Inclusion vulnerabilityEPSS 0.3%CVE-2025-69146HIGHWordPress Dom theme <= 1.24 - Local File Inclusion vulnerabilityEPSS 0.3%CVE-2025-69170HIGHWordPress Eventicity theme <= 1.5 - Local File Inclusion vulnerabilityEPSS 0.3%CVE-2025-69176HIGHWordPress ITactics theme <= 1.0 - Local File Inclusion vulnerabilityEPSS 0.3%CVE-2025-69174HIGHWordPress Etude theme <= 1.6 - Local File Inclusion vulnerabilityEPSS 0.3%CVE-2025-69125HIGHWordPress Food Drop theme <= 1.3 - Local File Inclusion vulnerabilityEPSS 0.3%CVE-2025-69126HIGHWordPress Fortius theme <= 2.3.0 - Local File Inclusion vulnerabilityEPSS 0.3%CVE-2025-69175HIGHWordPress Line Agency theme <= 1.3.1 - Local File Inclusion vulnerabilityEPSS 0.3%CVE-2025-69171HIGHWordPress Orpheus theme <= 1.3 - Local File Inclusion vulnerabilityEPSS 0.3%CVE-2025-69145HIGHWordPress Gat theme <= 1.16 - Local File Inclusion vulnerabilityEPSS 0.3%CVE-2025-69118HIGHWordPress CopyPress theme <= 1.4.5 - Local File Inclusion vulnerabilityEPSS 0.3%CVE-2025-69115HIGHWordPress LuxMed | Medicine & Healthcare Doctor WordPress Theme theme <= 1.2.2 - Local File Inclusion vulnerabilityEPSS 0.3%CVE-2026-22338HIGHWordPress EcoBlue theme <= 1.15 - Local File Inclusion vulnerabilityEPSS 0.3%CVE-2025-58952HIGHWordPress Neuronet theme < 1.14.0 - Local File Inclusion vulnerabilityEPSS 0.3%CVE-2026-28128HIGHWordPress Verse theme <= 1.7.0 - Local File Inclusion vulnerabilityEPSS 0.3%

← previouspage 9 / 10next →