Droip Themeum Droip

By the Year

In 2026 there have been 0 vulnerabilities in Themeum Droip. Last year, in 2025, Droip had 2 security vulnerabilities published. Right now, Droip is on track to have fewer security vulnerabilities in 2026 than it did last year.

Year | Vulnerabilities | Average Score
2026 | 0 | 0.00
2025 | 2 | 8.80
2024 | 2 | 6.90

It may take a day or so for new Droip vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally, vulnerabilities may be tagged under a different product or component name.

Recent Themeum Droip Security Vulnerabilities

Droip Plugin Missing Capability Check (WP <=2.2.0)
CVE-2025-5835 8.8 - High - July 25, 2025

The Droip plugin for WordPress is vulnerable to unauthorized modification and access of data due to a missing capability check on the droip_post_apis() function in all versions up to, and including, 2.2.0. This makes it possible for authenticated attackers, with Subscriber-level access and above, to perform many actions, as the AJAX hooks into several functions. Some potential impacts include arbitrary post deletion, arbitrary post creation, post duplication, settings update, user manipulation, and much more.

AuthZ

Droip WP Plugin <=2.2.0: Arbitrary File Upload (RCE)
CVE-2025-5831 8.8 - High - July 25, 2025

The Droip plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the make_google_font_offline() function in all versions up to, and including, 2.2.0. This makes it possible for authenticated attackers, with Subscriber-level access and above, to upload arbitrary files on the affected site's server which may make remote code execution possible.

Unrestricted File Upload

Path Traversal in Themeum Droip <=1.1.1 Enables File Manipulation
CVE-2024-43955 7.5 - High - August 29, 2024

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Themeum Droip allows File Manipulation. This issue affects Droip: from n/a through 1.1.1.

Directory traversal

Themeum Droip <=1.1.1 Improper Authorization via ACLs
CVE-2024-43954 6.3 - Medium - August 29, 2024

Incorrect Authorization vulnerability in Themeum Droip allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Droip: from n/a through 1.1.1.

AuthZ
