VYPR

Alone – Charity Multipurpose Non-profit WordPress Theme

by WordPress

CVEs (2)

  • CVE-2025-5394CriJul 15, 2025
    risk 0.68cvss 9.8epss 0.48

    The Alone – Charity Multipurpose Non-profit WordPress Theme theme for WordPress is vulnerable to arbitrary file uploads due to a missing capability check on the alone_import_pack_install_plugin() function in all versions up to, and including, 7.8.3. This makes it possible for…

  • CVE-2025-5393CriJul 15, 2025
    risk 0.59cvss 9.1epss 0.01

    The Alone – Charity Multipurpose Non-profit WordPress Theme theme for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the alone_import_pack_restore_data() function in all versions up to, and including, 7.8.5. This makes it…