Medium 6.5
2025-12-09< 12.9.0
CVE-2025-63073
The7
Vulnerabilities 9Slug dt-the7
Minimum safe version
12.9.2
Update to 12.9.2 or later to address 8 fixable vulnerabilities
⚠ 1 vulnerability has no fix
High 7.5
2025-12-09< 12.8.1.1
CVE-2025-63074
Medium 6.4
2025-10-25< 12.9.2
CVE-2025-11897
Medium 6.4
2025-08-11< 12.7.0
WordPress The7 Theme <= 12.6.0 is vulnerable to Cross Site Scripting (XSS)
Medium 6.4
2024-06-25< 11.14.0
CVE-2024-5451
N/A
< 2.1.1
The7 Premium Theme < 2.1.1 - Cross-Site Scripting (XSS)
Medium 6.1 Unfixed
2023-11-13≤ 11.6.0
CVE-2023-32123
High 7.1
2023-06-23< 11.6.1
CVE-2023-29100
N/A
2015-04-25< 2.1.1
The7 — Website and eCommerce Builder for WordPress <= 2.1.0 - Reflected Cross-Site Scripting