WordPress Bootstrap Ultimate theme <= 1.4.9 - Unauthenticated Limited Local File Inclusion vulnerability

Unauthenticated Limited Local File Inclusion vulnerability discovered by Aril Aprilio forsak3n in WordPress Theme Bootstrap Ultimate versions = 1.4.9...

CVE-2024-13545

The Bootstrap Ultimate theme for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 1.4.9 via the path parameter. This makes it possible for unauthenticated attackers to include PHP files on the server, allowing the execution of any PHP code in those files. This...