Lucene search
K

4 matches found

Circl
Circl
added 2025/07/15 4:25 a.m.4 views

CVE-2025-5393

creationtimestamp| type| source ---|---|--- 2025-07-15 04:25:26+00:00| seen| Telegram/QsNFCaXUakw9z6SiqrEySLSpJ74WLbKnyoaE-Sm3nZV9iU...

9.1CVSS4.8AI score0.00533EPSS
Exploits0
Cvelist
Cvelist
added 2025/07/15 3:43 a.m.9 views

CVE-2025-5393 Alone – Charity Multipurpose Non-profit WordPress Theme <= 7.8.5 - Missing Authorization to Unauthenticated Arbitrary File Deletion

The Alone – Charity Multipurpose Non-profit WordPress Theme theme for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the aloneimportpackrestoredata function in all versions up to, and including, 7.8.5. This makes it possible for unauthenticated...

9.1CVSS0.00533EPSS
Exploits0References2
CVE
CVE
added 2025/07/15 3:43 a.m.32 views

CVE-2025-5393

The CVE-2025-5393 entry concerns Alone – Charity Multipurpose Non-profit WordPress Theme. Concrete details from connected docs show: versions up to and including 7.8.3 are affected by missing authorization leading to unauthenticated arbitrary file deletion via alone_import_pack_restore_data(), wi...

9.1CVSS6.5AI score0.00533EPSS
Exploits0References2
Patchstack
Patchstack
added 2025/07/14 12:0 a.m.6 views

WordPress Alone Theme <= 7.8.2 is vulnerable to Arbitrary File Deletion

Software Alone Type Theme Vulnerable versions = 7.8.2 Fixed in 7.8.5 OWASP Top 10 A1: Injection Classification Arbitrary File Deletion CVE CVE-2025-5393 Patch priority High CVSS severity High 8.6 Developer Claim ownership PSID 5aa08c886c4e Credits Thái An Required privilege Unauthenticated...

9.1CVSS7.2AI score0.00533EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder