WordPress VMag theme <= 1.2.7 - Authenticated Arbitrary Plugin Activation/Deactivation vulnerability

Authenticated Arbitrary Plugin Activation/Deactivation vulnerability discovered by Ex.Mi Patchstack in WordPress VMag theme versions = 1.2.7. Solution Deactivate and delete. The vendor ignores the vulnerability reports, avoids any conversation...