CVE-2024-1771
CVE-2024-1771 affects the WordPress Total theme up to version 2.1.59. Root cause: missing capability check in total_order_sections(), enabling authenticated users with subscriber+ access to modify homepage sections. Impact: unauthorized modification of data on the homepage. Mitigation: upgrade to...