Skip to main content

Restaurt

1 CVEs product

Monthly

CVE-2026-22327 CRITICAL Act Now

Arbitrary file upload in the Restaurt WordPress theme versions 1.0.4 and earlier allows authenticated users with Subscriber-level privileges to upload arbitrary files, potentially leading to remote code execution on the WordPress host. The CVSS 9.9 score reflects scope-changed impact across confidentiality, integrity, and availability, though no public exploit identified at time of analysis and the vulnerability is not currently listed in CISA KEV.

File Upload Restaurt
NVD
CVSS 3.1
9.9
EPSS
0.5%
EPSS 0% CVSS 9.9
CRITICAL Act Now

Arbitrary file upload in the Restaurt WordPress theme versions 1.0.4 and earlier allows authenticated users with Subscriber-level privileges to upload arbitrary files, potentially leading to remote code execution on the WordPress host. The CVSS 9.9 score reflects scope-changed impact across confidentiality, integrity, and availability, though no public exploit identified at time of analysis and the vulnerability is not currently listed in CISA KEV.

File Upload Restaurt
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy