4 matches found
CVE-2025-5393
creationtimestamp| type| source ---|---|--- 2025-07-15 04:25:26+00:00| seen| Telegram/QsNFCaXUakw9z6SiqrEySLSpJ74WLbKnyoaE-Sm3nZV9iU...
CVE-2025-5393 Alone – Charity Multipurpose Non-profit WordPress Theme <= 7.8.5 - Missing Authorization to Unauthenticated Arbitrary File Deletion
The Alone – Charity Multipurpose Non-profit WordPress Theme theme for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the aloneimportpackrestoredata function in all versions up to, and including, 7.8.5. This makes it possible for unauthenticated...
CVE-2025-5393
The CVE-2025-5393 entry concerns Alone – Charity Multipurpose Non-profit WordPress Theme. Concrete details from connected docs show: versions up to and including 7.8.3 are affected by missing authorization leading to unauthenticated arbitrary file deletion via alone_import_pack_restore_data(), wi...
WordPress Alone Theme <= 7.8.2 is vulnerable to Arbitrary File Deletion
Software Alone Type Theme Vulnerable versions = 7.8.2 Fixed in 7.8.5 OWASP Top 10 A1: Injection Classification Arbitrary File Deletion CVE CVE-2025-5393 Patch priority High CVSS severity High 8.6 Developer Claim ownership PSID 5aa08c886c4e Credits Thái An Required privilege Unauthenticated...