Instant Va
Monthly
A path traversal vulnerability in designingmedia Instant VA (a WordPress theme) allows attackers to access and manipulate files outside the intended restricted directory through improper pathname validation. This vulnerability affects Instant VA versions up to and including 1.0.1, enabling potential arbitrary file deletion or unauthorized file access depending on server permissions. While no CVSS or EPSS scoring has been assigned and KEV status is unknown, the vulnerability has been documented by Patchstack with a functional reference to the Instant VA theme, indicating active research and potential proof-of-concept availability.
A path traversal vulnerability in designingmedia Instant VA (a WordPress theme) allows attackers to access and manipulate files outside the intended restricted directory through improper pathname validation. This vulnerability affects Instant VA versions up to and including 1.0.1, enabling potential arbitrary file deletion or unauthorized file access depending on server permissions. While no CVSS or EPSS scoring has been assigned and KEV status is unknown, the vulnerability has been documented by Patchstack with a functional reference to the Instant VA theme, indicating active research and potential proof-of-concept availability.