ThemeREX Addons

Vulnerabilities 5Slug trx-addonsPlugin page →

Minimum safe version

2.38.5

Update to 2.38.5 or later to address 5 fixable vulnerabilities

N/A
2026-03-30< 2.38.5

ThemeREX Addons < 2.38.5 - Unauthenticated Arbitrary File Upload

WordfenceCVE
Medium 6.4
2025-07-19< 2.35.2.2

ThemeREX Addons <= 2.35.1.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via trx_addons_get_svg_from_file Function

EUVDWordfenceCVE
High 8.8
2025-01-27< 2.34.0

WordPress ThemeREX Addons Plugin <= 2.33.0 is vulnerable to Local File Inclusion

PatchstackEUVDWordfenceCVE
Critical 9.8
2020-03-09< 1.70.3.1

CVE-2020-10257

CVEWordfence