PatchSiren cyber security CVE debrief
CVE-2025-31013 Themify CVE debrief
CVE-2025-31013 is a Reflected Cross-Site Scripting (XSS) vulnerability in Themify Folo, a WordPress theme. With a CVSS score of 7.1, it allows an attacker to inject a malicious script into a page served by the theme. The issue affects Themify Folo versions up to and including 1.9.6. Users of affected versions should apply the vendor's patch or update as soon as it is available. This vulnerability was made public on June 17, 2026.
- Vendor: Themify
- Product: Themify Folo
- CVSS: HIGH 7.1
- CISA KEV: Not listed in stored evidence
- Original CVE published: 2026-06-17
- Original CVE updated: 2026-06-17
- Advisory published: 2026-06-17
- Advisory updated: 2026-06-17
Who should care
Administrators and users of the Themify Folo WordPress theme, versions up to 1.9.6, should be aware of this vulnerability and take the actions needed to secure their installations.
Technical summary
CVE-2025-31013 is a Reflected XSS vulnerability in Themify Folo. The vulnerability arises from improper neutralization of input during web page generation. An attacker could exploit this by crafting a malicious URL that, when visited by an authenticated user, executes arbitrary JavaScript code in the context of the user's session. The CVSS vector for this vulnerability is CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L.
Defensive priority
High
Recommended defensive actions
- Update Themify Folo to the latest version if you are using version 1.9.6 or earlier.
- Implement a Content Security Policy (CSP) to restrict which script sources the browser will execute on a page, so that an injected inline script is blocked even if a reflection bug remains.
- Use a Web Application Firewall (WAF) to detect and prevent common web attacks, including XSS.
- Regularly monitor your website for suspicious activity and ensure that all user input is properly sanitized.
- Educate users about the risks of clicking on suspicious links or providing sensitive information.
- Consider implementing a bug bounty program to encourage responsible disclosure of vulnerabilities.
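The root cause named in the technical summary, improper neutralization of input during web page generation, is fixed by encoding untrusted data for the context it lands in at output time; input "sanitization" alone is not sufficient, because the same value is safe in one context and dangerous in another. The snippet below is example code added to this debrief, not code from the Themify Folo theme or from Patchstack, and it deliberately uses generic, made-up page logic rather than anything from the theme. It shows the vulnerable pattern (raw interpolation of a query parameter into HTML) beside the hardened form with context-aware escaping. Python's `html.escape` stands in for the WordPress equivalents a theme would use, `esc_html()`, `esc_attr()` and `esc_url()`; the sample parameter values are constructed for the demonstration.

```python
"""Reflected-parameter rendering: vulnerable pattern vs. context-aware output
encoding (example added to this debrief; not the theme's code)."""
import html
from urllib.parse import urlsplit

# Constructed sample request parameters (not taken from any real site or advisory).
SAMPLE_QUERY = {
    "q": 'shoes"><script>alert(1)</script>',  # breaks out of HTML text context
    "next": "javascript:alert(1)",             # unsafe scheme in a link target
}
SAFE_QUERY = {"q": "running shoes", "next": "/shop?page=2"}


def render_unsafe(params: dict) -> str:
    """Vulnerable pattern: untrusted values dropped straight into the page.
    Whatever the parameter contains becomes part of the markup."""
    q = params.get("q", "")
    nxt = params.get("next", "/")
    return f'<p>Results for: {q}</p><a href="{nxt}">Continue</a>'


def escape_html_text(value: str) -> str:
    """Encode for HTML text/attribute context (analogous to WordPress esc_html/esc_attr).
    quote=True also encodes '\"' and \"'\" so a value cannot close an attribute."""
    return html.escape(value, quote=True)


def safe_url(value: str) -> str:
    """Encode for a URL attribute (analogous to WordPress esc_url): allow only
    http(s) or site-relative targets, then attribute-encode the result.
    Escaping alone does not help here: 'javascript:' survives html.escape."""
    value = value.strip()
    scheme = urlsplit(value).scheme.lower()
    if scheme and scheme not in ("http", "https"):
        return "/"  # fall back to a neutral location instead of an active scheme
    return html.escape(value, quote=True)


def render_safe(params: dict) -> str:
    """Hardened form: each value is encoded for the exact context it lands in."""
    q = params.get("q", "")
    nxt = params.get("next", "/")
    return (f"<p>Results for: {escape_html_text(q)}</p>"
            f'<a href="{safe_url(nxt)}">Continue</a>')


def reflects_active_content(rendered: str) -> bool:
    """Coarse check used to compare the two renderings: does the output still
    contain a tag or an active URL scheme introduced by the untrusted data?"""
    lower = rendered.lower()
    return "<script" in lower or 'href="javascript:' in lower


if __name__ == "__main__":
    for label, fn in (("unsafe", render_unsafe), ("safe", render_safe)):
        out = fn(SAMPLE_QUERY)
        print(f"{label:6s} active={reflects_active_content(out)!s:5s} {out}")
```

Note the two contexts: the search term is HTML text, where entity encoding is the whole fix, while the link target is a URL attribute, where encoding is necessary but not sufficient and a scheme allow-list is needed as well. A WAF or CSP (the recommendations above) reduce impact, but only output encoding removes the flaw.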
Evidence notes
This vulnerability was reported by Patchstack and is documented in the CVE record. The CVE was published on June 17, 2026, and the information provided is based on data from official sources.
Official resources
- CVE-2025-31013 CVE record (CVE.org)
- CVE-2025-31013 NVD detail (NVD)
- Source item URL: nvd_modified
- Mitigation or vendor reference: CVE-2025-31013 was made public on June 17, 2026.