CVE-2024-13643 Zox News <= 3.17.0 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Options Modification
The Zox News - Professional WordPress News & Magazine Theme plugin for WordPress is vulnerable to unauthorized data modification. This vulnerability can lead to privilege escalation and denial of service conditions due to missing capability checks on the backupoptions and resetoptions functions i...