Kuteshop
Monthly
Missing Authorization vulnerability in kutethemes KuteShop kuteshop allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects KuteShop: from n/a through <= 4.2.9.
Local File Inclusion vulnerability in KuteShop WordPress theme versions ≤4.2.9 enables authenticated attackers with low privileges to include arbitrary PHP files through improper filename control in require/include statements. Exploitation requires high attack complexity and yields complete confidentiality, integrity, and availability compromise within the application context. No public exploit identified at time of analysis. EPSS 0.05% indicates low observed exploitation activity.
Missing Authorization vulnerability in kutethemes KuteShop kuteshop allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects KuteShop: from n/a through <= 4.2.9.
Local File Inclusion vulnerability in KuteShop WordPress theme versions ≤4.2.9 enables authenticated attackers with low privileges to include arbitrary PHP files through improper filename control in require/include statements. Exploitation requires high attack complexity and yields complete confidentiality, integrity, and availability compromise within the application context. No public exploit identified at time of analysis. EPSS 0.05% indicates low observed exploitation activity.