Education Base
Monthly
Missing authorization controls in acmethemes Education Base WordPress theme (versions through 3.0.8) allow unauthenticated remote attackers to modify content via incorrectly configured access control checks. The vulnerability affects the theme's access control security levels, enabling attackers to bypass authentication mechanisms and alter data on vulnerable installations. With an EPSS score of 0.02% and no confirmed active exploitation, the real-world risk remains low despite the network-accessible attack vector.
Missing authorization controls in acmethemes Education Base WordPress theme (versions through 3.0.8) allow unauthenticated remote attackers to modify content via incorrectly configured access control checks. The vulnerability affects the theme's access control security levels, enabling attackers to bypass authentication mechanisms and alter data on vulnerable installations. With an EPSS score of 0.02% and no confirmed active exploitation, the real-world risk remains low despite the network-accessible attack vector.