VYPR

Goza Nonprofit Charity Wordpress Theme

by WordPress

CVEs (2)

  • CVE-2025-10690CriSep 19, 2025
    risk 0.64cvss 9.8epss 0.01

    The Goza - Nonprofit Charity WordPress Theme theme for WordPress is vulnerable to unauthorized arbitrary file uploads due to a missing capability check on the 'beplus_import_pack_install_plugin' function in all versions up to, and including, 3.2.2. This makes it possible for…

  • CVE-2025-10134CriSep 9, 2025
    risk 0.59cvss 9.1epss 0.01

    The Goza - Nonprofit Charity WordPress Theme theme for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the alone_import_pack_restore_data() function in all versions up to, and including, 3.2.2. This makes it possible for…