VYPR

Pubnews

by WordPress

CVEs (1)

  • CVE-2024-10578HigDec 6, 2024
    risk 0.61cvss 8.8epss 0.01

    The Pubnews theme for WordPress is vulnerable to unauthorized arbitrary plugin installation due to a missing capability check on the pubnews_importer_plugin_action_for_notice() function in all versions up to, and including, 1.0.7. This makes it possible for authenticated…