CVE-2025-5394P1CRITICALCVSS 9.8ExploitedPoC≤ 2.0.02025-07-15
CVE-2025-5394 [CRITICAL] CWE-862 CVE-2025-5394: The Alone – Charity Multipurpose Non-profit WordPress Theme theme for WordPress is vulnerable to arb
The Alone – Charity Multipurpose Non-profit WordPress Theme theme for WordPress is vulnerable to arbitrary file uploads due to a missing capability check on the alone_import_pack_install_plugin() function in all versions up to, and including, 7.8.3. This makes it possible for unauthenticated attackers to upload zip files containing webshells disguis
nvd