cleantalk
Vulnerabilities and Security Researches

Theme Changer, CVE-2025-39438

CVE, Research URL

CVE-2025-39438

Home page URL

Security reports for Theme Changer

Application

Theme Changer

Published on
Apr 17, 2025
Research Description
Cross-Site Request Forgery (CSRF) vulnerability in momen2009 Theme Changer allows Cross Site Request Forgery. This issue affects Theme Changer: from n/a through 1.3.
Affected versions
Min -, max 1.3.
Status
vulnerable
Previous vulnerability researches
EWWW Image Optimizer (CVE-2023-40600) , Jun 07, 2024
EWWW Image Optimizer (CVE-2016-20010) , Jun 07, 2024
EWWW Image Optimizer (CVE-2014-6243) , Jun 07, 2024
EWWW Image Optimizer (CVE-2021-4342) , Jun 07, 2024
EWWW Image Optimizer (CVE-2020-36750) , Jun 07, 2024
New vulnerability
Lottie Player block – Implement Lottie animations. (CVE-2025-2579) , Apr 26, 2025
360 Product Rotation (CVE-2024-13823) , Apr 26, 2025
User Registration – Custom Registration Form, Login Form, and User Profile WordPress Plugin (CVE-2025-39400) , Apr 26, 2025
License For Envato (CVE-2025-39399) , Apr 25, 2025
occupancyplan (CVE-2025-46450) , Apr 25, 2025