2 matches found
WordPress EightLaw Lite theme <= 2.1.5 - Authenticated Arbitrary Plugin Activation/Deactivation vulnerability
Authenticated Arbitrary Plugin Activation/Deactivation vulnerability discovered by Ex.Mi Patchstack in WordPress EightLaw Lite theme versions = 2.1.5. Solution Deactivate and delete. The vendor ignores the vulnerability reports, avoids any conversation...
WordPress EightLaw Lite theme <= 2.1.5 - Cross-Site Request Forgery (CSRF) leading to Arbitrary Plugin Activation/Deactivation
Cross-Site Request Forgery CSRF leading to Arbitrary Plugin Activation/Deactivation discovered by Ex.Mi Patchstack in WordPress EightLaw Lite theme versions = 2.1.5. Solution Deactivate and delete. The vendor ignores the vulnerability reports avoids any conversation...