Restaurt
Monthly
Arbitrary file upload in the Restaurt WordPress theme versions 1.0.4 and earlier allows authenticated users with Subscriber-level privileges to upload arbitrary files, potentially leading to remote code execution on the WordPress host. The CVSS 9.9 score reflects scope-changed impact across confidentiality, integrity, and availability, though no public exploit identified at time of analysis and the vulnerability is not currently listed in CISA KEV.
Arbitrary file upload in the Restaurt WordPress theme versions 1.0.4 and earlier allows authenticated users with Subscriber-level privileges to upload arbitrary files, potentially leading to remote code execution on the WordPress host. The CVSS 9.9 score reflects scope-changed impact across confidentiality, integrity, and availability, though no public exploit identified at time of analysis and the vulnerability is not currently listed in CISA KEV.