Themerex addons
This hub aggregates every CVE we track for Themerex addons, a product in the web cms plugins space. Use it to gauge the current risk picture and drill into individual advisories.
4
CVEs tracked
2
Critical
1
High
0
In CISA KEV
Severity distribution
CRITICAL2HIGH1MEDIUM1
Monthly trend
0
0
0
0
0
0
2
0
0
0
0
0
1
0
0
0
0
0
0
0
0
0
0
1
2024-072026-06
Latest CVEs
The 4 most recently published vulnerabilities affecting Themerex addons.
- CVE-2025-60205WordPress ThemeREX Addons plugin <= 2.36.1.1 - PHP Object Injection vulnerability9.8
- CVE-2025-6997ThemeREX Addons <= 2.35.1.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via trx_addons_get_svg_from_file Function6.4
- CVE-2024-13448ThemeREX Addons <= 2.32.3 - Unauthenticated Arbitrary File Upload in trx_addons_uploads_save_data9.8
- CVE-2025-0682ThemeREX Addons <= 2.33.0 - Authenticated (Contributor+) Local File Inclusion via Shortcode8.8
Product normalization is registry-driven with AI assist and human review. How it works