CVE-2025-9202
CVE-2025-9202 affects ColorMag for WordPress (versions ≤ 4.0.19). The vulnerability arises from a missing capability check in the welcome_notice_import_handler(), allowing authenticated users with Subscriber-level access and above to install the ThemeGrill Demo Importer plugin and modify data. Th...