VYPR

MaterialX

by WordPress

CVEs (1)

  • CVE-2023-3204MedJun 20, 2024
    risk 0.42cvss 6.5epss 0.00

    The Materialis theme for WordPress is vulnerable to limited arbitrary options updates in versions up to, and including, 1.1.24. This is due to missing authorization checks on the companion_disable_popup() function called via an AJAX action. This makes it possible for…