Lucene search
K

7 matches found

Packet Storm News
Packet Storm News
added 2025/03/13 12:0 a.m.5 views

WordPress Th Shop Mania Theme 1.4.9 Missing Authorization

WordPress Th Shop Mania theme versions 1.4.9 and below missing capability check proof of concept exploit allowing for arbitrary plugin installation...

8.8CVSS7AI score0.01683EPSS
Exploits2
0day.today
0day.today
added 2025/03/13 12:0 a.m.186 views

WordPress Th Shop Mania Theme 1.4.9 Missing Authorization Exploit

import requests import argparse import re import time By Nxploit | Khaled alenazi, Function to check if the site is vulnerable def checkvulnerabilityurl: versionurl = f"url/wp-content/themes/th-shop-mania/readme.txt" try: response = requests.getversionurl, timeout=5 if response.statuscode == 200:...

8.8CVSS7AI score0.01683EPSS
Exploits2
GithubExploit
GithubExploit
added 2025/03/12 9:0 p.m.344 views

Exploit for CVE-2024-10674

CVE-2024-10674 Exploit - Th Shop Mania --username --password...

8.8CVSS8.8AI score0.01683EPSS
Exploits2
NVD
NVD
added 2024/11/09 4:15 a.m.15 views

CVE-2024-10674

The Th Shop Mania theme for WordPress is vulnerable to unauthorized arbitrary plugin installation due to a missing capability check on the thshopmaniainstallandactivatecallback function in all versions up to, and including, 1.4.9. This makes it possible for authenticated attackers, with...

8.8CVSS0.01683EPSS
Exploits2References4
CNNVD
CNNVD
added 2024/11/09 12:0 a.m.7 views

WordPress plugin Th Shop Mania 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

8.8CVSS9AI score0.01683EPSS
Exploits2References5
Patchstack
Patchstack
added 2024/11/08 10:37 p.m.6 views

WordPress Th Shop Mania theme <= 1.4.9 - Authenticated (Subscriber+) Arbitrary Plugin Installation/Activation vulnerability

Authenticated Subscriber+ Arbitrary Plugin Installation/Activation vulnerability discovered by Sean Murphy, Kevin Murphy knmurphy in WordPress Theme Th Shop Mania versions = 1.4.9...

8.8CVSS7AI score0.01683EPSS
Exploits2References1Affected Software1
Patchstack
Patchstack
added 2024/11/08 12:0 a.m.18 views

WordPress Th Shop Mania Theme <= 1.4.9 is vulnerable to Arbitrary Code Execution

Software Th Shop Mania Type Theme Vulnerable versions = 1.4.9 Fixed in 1.5.0 OWASP Top 10 A7: Identification and Authentication Failures Classification Arbitrary Code Execution CVE CVE-2024-10674 Patch priority High CVSS severity High 6.5 Developer Claim ownership PSID 314680b4b995 Credits Sean...

8.8CVSS6.7AI score0.01683EPSS
Exploits2References3Affected Software1
Rows per page
Query Builder