CVE-2024-10674P2HIGHCVSS 8.8≤ 1.4.92024-11-09
CVE-2024-10674 [HIGH] CWE-862 CVE-2024-10674: The Th Shop Mania theme for WordPress is vulnerable to unauthorized arbitrary plugin installation du
The Th Shop Mania theme for WordPress is vulnerable to unauthorized arbitrary plugin installation due to a missing capability check on the th_shop_mania_install_and_activate_callback() function in all versions up to, and including, 1.4.9. This makes it possible for authenticated attackers, with Subscriber-level access and above, to install arbitrary p
nvd