3 matches found
CVE-2023-0467
The CVE concerns the WordPress plugin WP Dark Mode, versions prior to 4.0.8. Root cause: the plugin does not properly sanitize the style parameter in shortcodes that load a PHP template, enabling Local File Inclusion (LFI). Impact: LFI could allow an attacker to traverse non-existent directories ...
CVE-2024-5449
CVE-2024-5449 affects the WP Dark Mode – WordPress Dark Mode Plugin for WordPress. A missing capability check in wpdm_social_share_save_options allows authenticated users with Subscriber-level access and above to modify the plugin’s settings, impacting data integrity across all versions up to 5.0...
CVE-2022-4714
CVE-2022-4714 affects the WP Dark Mode WordPress plugin, versions