WordPress Charety theme < 2.0.2 - Arbitrary File Upload vulnerability

Arbitrary File Upload vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Charety versions 2.0.2...

VulnCheck KEV: CVE-2025-5394

The Alone – Charity Multipurpose Non-profit WordPress Theme theme for WordPress is vulnerable to arbitrary file uploads due to a missing capability check on the aloneimportpackinstallplugin function in all versions up to, and including, 7.8.3. This makes it possible for unauthenticated attackers ...

Wordpress Theme Charity Arbitrary File Upload Vulnerability

Exploit for php platform in category web applications Exploit Title: Wordpress Theme Charity Arbitrary File Upload Vulnerability Source: https://github.com/UpThemes/Charity-Theme Author: terrorist Email: email protected Team: GHC - Georgian Hacking Community Category: webapps/php Google dork:...