rarathemes CVE Vulnerabilities & Metrics

Focus on rarathemes vulnerabilities and metrics.

Last updated: 12 May 2026, 22:25 UTC

About rarathemes Security Exposure

This page consolidates all known Common Vulnerabilities and Exposures (CVEs) associated with rarathemes. We track both calendar-based metrics (using fixed periods) and rolling metrics (using gliding windows) to give you a comprehensive view of security trends and risk evolution. Use these insights to assess risk and plan your patching strategy.

For a broader perspective on cybersecurity threats, explore the comprehensive list of CVEs by vendor and product. Stay updated on critical vulnerabilities affecting major software and hardware providers.

Global CVE Overview

Total rarathemes CVEs: 18
Earliest CVE date: 29 Apr 2022, 17:15 UTC
Latest CVE date: 21 Jan 2025, 14:15 UTC

Latest CVE reference: CVE-2025-23998

Rolling Stats

30-day Count (Rolling): 0
365-day Count (Rolling): 0

Calendar-based Variation

Calendar-based Variation compares a fixed calendar period (e.g., this month versus the same month last year), while Rolling Growth Rate uses a continuous window (e.g., last 30 days versus the previous 30 days) to capture trends independent of calendar boundaries.

Variations & Growth

Month Variation (Calendar): 0%
Year Variation (Calendar): -100.0%

Month Growth Rate (30-day Rolling): 0.0%
Year Growth Rate (365-day Rolling): -100.0%

Monthly CVE Trends (current vs previous Year)

Annual CVE Trends (Last 20 Years)

Critical rarathemes CVEs (CVSS ≥ 9) Over 20 Years

CVSS Stats

Average CVSS: 0.38

Max CVSS: 6.8

Critical CVEs (≥9): 0

CVSS Range vs. Count

Range	Count
0.0-3.9	17
4.0-6.9	1
7.0-8.9	0
9.0-10.0	0

CVSS Distribution Chart

Top 5 Highest CVSS rarathemes CVEs

These are the five CVEs with the highest CVSS scores for rarathemes, sorted by severity first and recency.

CVE-2022-29451 rarathemes Published on 29 Apr 2022, 17:15 UTC (CVSS: 6.8)
Cross-Site Request Forgery (CSRF) leading to Arbitrary File Upload vulnerability in Rara One Click Demo Import plugin <= 1.2.9 on WordPress allows attackers to trick logged-in admin users into uploading dangerous files into /wp-content/uploads/ directory.
CVE-2025-23998 rarathemes Published on 21 Jan 2025, 14:15 UTC (CVSS: 0)
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in raratheme UltraLight the-ultralight allows Reflected XSS.This issue affects UltraLight: from n/a through <= 1.2.
CVE-2024-37937 rarathemes Published on 02 Jan 2025, 12:15 UTC (CVSS: 0)
Cross-Site Request Forgery (CSRF) vulnerability in raratheme Rara Business rara-business allows Cross Site Request Forgery.This issue affects Rara Business: from n/a through <= 1.2.5.
CVE-2024-37508 rarathemes Published on 02 Jan 2025, 12:15 UTC (CVSS: 0)
Cross-Site Request Forgery (CSRF) vulnerability in raratheme Construction Landing Page construction-landing-page allows Cross Site Request Forgery.This issue affects Construction Landing Page: from n/a through <= 1.3.5.
CVE-2024-37503 rarathemes Published on 02 Jan 2025, 12:15 UTC (CVSS: 0)
Cross-Site Request Forgery (CSRF) vulnerability in raratheme Lawyer Landing Page lawyer-landing-page allows Cross Site Request Forgery.This issue affects Lawyer Landing Page: from n/a through <= 1.2.4.

All CVEs for rarathemes

CVE-2025-23998 rarathemes vulnerability CVSS: 0 21 Jan 2025, 14:15 UTC

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in raratheme UltraLight the-ultralight allows Reflected XSS.This issue affects UltraLight: from n/a through <= 1.2.

CVE-2024-37937 rarathemes vulnerability CVSS: 0 02 Jan 2025, 12:15 UTC

Cross-Site Request Forgery (CSRF) vulnerability in raratheme Rara Business rara-business allows Cross Site Request Forgery.This issue affects Rara Business: from n/a through <= 1.2.5.

CVE-2024-37508 rarathemes vulnerability CVSS: 0 02 Jan 2025, 12:15 UTC

Cross-Site Request Forgery (CSRF) vulnerability in raratheme Construction Landing Page construction-landing-page allows Cross Site Request Forgery.This issue affects Construction Landing Page: from n/a through <= 1.3.5.

CVE-2024-37503 rarathemes vulnerability CVSS: 0 02 Jan 2025, 12:15 UTC

Cross-Site Request Forgery (CSRF) vulnerability in raratheme Lawyer Landing Page lawyer-landing-page allows Cross Site Request Forgery.This issue affects Lawyer Landing Page: from n/a through <= 1.2.4.

CVE-2024-37451 rarathemes vulnerability CVSS: 0 02 Jan 2025, 12:15 UTC

Cross-Site Request Forgery (CSRF) vulnerability in raratheme Travel Agency travel-agency allows Cross Site Request Forgery.This issue affects Travel Agency: from n/a through <= 1.4.9.

CVE-2024-37450 rarathemes vulnerability CVSS: 0 02 Jan 2025, 12:15 UTC

Cross-Site Request Forgery (CSRF) vulnerability in raratheme Benevolent benevolent allows Cross Site Request Forgery.This issue affects Benevolent: from n/a through <= 1.3.4.

CVE-2024-37435 rarathemes vulnerability CVSS: 0 02 Jan 2025, 12:15 UTC

Cross-Site Request Forgery (CSRF) vulnerability in raratheme Perfect Portfolio perfect-portfolio allows Cross Site Request Forgery.This issue affects Perfect Portfolio: from n/a through <= 1.2.0.

CVE-2024-37426 rarathemes vulnerability CVSS: 0 02 Jan 2025, 12:15 UTC

Cross-Site Request Forgery (CSRF) vulnerability in raratheme Elegant Pink elegant-pink allows Cross Site Request Forgery.This issue affects Elegant Pink: from n/a through <= 1.3.0.

CVE-2024-37421 rarathemes vulnerability CVSS: 0 02 Jan 2025, 12:15 UTC

Cross-Site Request Forgery (CSRF) vulnerability in raratheme JobScout jobscout allows Cross Site Request Forgery.This issue affects JobScout: from n/a through <= 1.1.4.

CVE-2024-37413 rarathemes vulnerability CVSS: 0 02 Jan 2025, 12:15 UTC

Cross-Site Request Forgery (CSRF) vulnerability in raratheme Preschool and Kindergarten preschool-and-kindergarten allows Cross Site Request Forgery.This issue affects Preschool and Kindergarten: from n/a through <= 1.2.1.

CVE-2024-37104 rarathemes vulnerability CVSS: 0 02 Jan 2025, 12:15 UTC

Cross-Site Request Forgery (CSRF) vulnerability in raratheme Chic Lite chic-lite allows Cross Site Request Forgery.This issue affects Chic Lite: from n/a through <= 1.1.3.

CVE-2024-37103 rarathemes vulnerability CVSS: 0 02 Jan 2025, 12:15 UTC

Cross-Site Request Forgery (CSRF) vulnerability in raratheme Education Zone education-zone allows Cross Site Request Forgery.This issue affects Education Zone: from n/a through <= 1.3.4.

CVE-2024-37505 rarathemes vulnerability CVSS: 0 01 Nov 2024, 15:15 UTC

Missing Authorization vulnerability in Rara Themes Business One Page allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Business One Page: from n/a through 1.2.9.

CVE-2024-34379 rarathemes vulnerability CVSS: 0 06 May 2024, 19:15 UTC

Cross-Site Request Forgery (CSRF) vulnerability in Rara Theme Restaurant and Cafe.This issue affects Restaurant and Cafe: from n/a through 1.2.1.

CVE-2024-31384 rarathemes vulnerability CVSS: 0 15 Apr 2024, 11:15 UTC

Cross-Site Request Forgery (CSRF) vulnerability in Rara Theme Spa and Salon.This issue affects Spa and Salon: from n/a through 1.2.7.

CVE-2024-31428 rarathemes vulnerability CVSS: 0 15 Apr 2024, 10:15 UTC

Cross-Site Request Forgery (CSRF) vulnerability in Rara Theme The Conference.This issue affects The Conference: from n/a through 1.2.0.

CVE-2023-24404 rarathemes vulnerability CVSS: 0 23 Apr 2023, 10:15 UTC

Reflected Cross-Site Scripting (XSS) vulnerability in VryaSage Marketing Performance plugin <= 2.0.0 versions.

CVE-2022-29451 rarathemes vulnerability CVSS: 6.8 29 Apr 2022, 17:15 UTC

Cross-Site Request Forgery (CSRF) leading to Arbitrary File Upload vulnerability in Rara One Click Demo Import plugin <= 1.2.9 on WordPress allows attackers to trick logged-in admin users into uploading dangerous files into /wp-content/uploads/ directory.