2 matches found
WordPress Classified Pro theme <= 1.0.14 - Missing Authorization to Authenticated (Subscriber+) Arbitrary plugin Installation vulnerability
Missing Authorization to Authenticated Subscriber+ Arbitrary plugin Installation vulnerability discovered by István Márton in WordPress Theme ClassifiedPro versions = 1.0.14...
WordPress ClassifiedPro Theme <= 1.0.14 is vulnerable to Broken Access Control
Software ClassifiedPro Type Theme Vulnerable versions = 1.0.14 Fixed in N/A OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2025-10706 Patch priority High CVSS severity High 8.8 Developer Claim ownership PSID 07ae0c93c744 Credits István Márton Required privileg...