Liquidthemes Ai Hub Startup Technology Wordpress Theme vulnerabilities
2 known vulnerabilities affecting liquidthemes/ai_hub_startup_technology_wordpress_theme.
Total CVEs
2
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL1MEDIUM1
Vulnerabilities
Page 1 of 1
CVE-2025-1093P2CRITICALCVSS 9.8≤ 1.3.72025-04-19
CVE-2025-1093 [CRITICAL] CWE-434 CVE-2025-1093: The AIHub theme for WordPress is vulnerable to arbitrary file uploads due to missing file type valid
The AIHub theme for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the generate_image function in all versions up to, and including, 1.3.7. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site's server which may make remote code execution possible.
nvd
CVE-2025-0951P4MEDIUMCVSS 4.3v02025-08-28
CVE-2025-0951 [MEDIUM] CWE-862 CVE-2025-0951: Multiple plugins and/or themes for WordPress by LiquidThemes are vulnerable to unauthorized access d
Multiple plugins and/or themes for WordPress by LiquidThemes are vulnerable to unauthorized access due to a missing capability check on the liquid_reset_wordpress_before AJAX in various versions. This makes it possible for authenticated attackers, with Subscriber-level access and above, to deactivate all of a site's plugins. While we escalated this to
nvd