CVE-2026-25009 WordPress Education Zone theme <= 1.3.8 - Broken Access Control vulnerability

Missing Authorization vulnerability in raratheme Education Zone education-zone allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Education Zone: from n/a through = 1.3.8...

WordPress Education Zone Theme <= 1.3.4 is vulnerable to Cross Site Request Forgery (CSRF)

Software Education Zone Type Theme Vulnerable versions = 1.3.4 Fixed in 1.3.5 OWASP Top 10 A1: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-37103 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 2d545d5d9f5a Credits Dhabaleshwar Das...