Car Zone
Monthly
Arbitrary file deletion in the Car Zone WordPress theme (versions through 3.7) by Aivah Themes lets remote, unauthenticated attackers remove files on the underlying server through a path-traversal flaw. The CVSS:3.1 vector (AV:N/AC:L/PR:N/UI:N/S:C/A:H) reflects that file deletion crosses scope into the broader WordPress installation, enabling denial-of-service or forced reinstall scenarios. No public exploit identified at time of analysis and the CVE is not in CISA KEV.
Arbitrary file deletion in the Car Zone WordPress theme (versions through 3.7) by Aivah Themes lets remote, unauthenticated attackers remove files on the underlying server through a path-traversal flaw. The CVSS:3.1 vector (AV:N/AC:L/PR:N/UI:N/S:C/A:H) reflects that file deletion crosses scope into the broader WordPress installation, enabling denial-of-service or forced reinstall scenarios. No public exploit identified at time of analysis and the CVE is not in CISA KEV.