Sonaar
Monthly
Privilege escalation in the Sonaar WordPress theme through version 4.27.4 allows an authenticated low-privileged user (Subscriber role) to elevate their permissions, gaining administrative control over the WordPress site. The flaw is categorized as CWE-266 (Incorrect Privilege Assignment) and was disclosed via Patchstack; no public exploit identified at time of analysis, but the low attacker prerequisites (any Subscriber account, which is often self-registerable on WordPress sites) make this a meaningful risk for affected installations.
Reflected or stored cross-site scripting in the Sonaar WordPress theme versions 4.27.4 and earlier allows remote unauthenticated attackers to inject malicious script into pages rendered to victims who follow a crafted link or interact with attacker-controlled content. The CVSS scope-change vector (S:C) indicates the injected script can impact resources beyond the vulnerable component, such as the WordPress admin session of a logged-in user. No public exploit identified at time of analysis, and the issue is not on CISA's KEV list.
Privilege escalation in the Sonaar WordPress theme through version 4.27.4 allows an authenticated low-privileged user (Subscriber role) to elevate their permissions, gaining administrative control over the WordPress site. The flaw is categorized as CWE-266 (Incorrect Privilege Assignment) and was disclosed via Patchstack; no public exploit identified at time of analysis, but the low attacker prerequisites (any Subscriber account, which is often self-registerable on WordPress sites) make this a meaningful risk for affected installations.
Reflected or stored cross-site scripting in the Sonaar WordPress theme versions 4.27.4 and earlier allows remote unauthenticated attackers to inject malicious script into pages rendered to victims who follow a crafted link or interact with attacker-controlled content. The CVSS scope-change vector (S:C) indicates the injected script can impact resources beyond the vulnerable component, such as the WordPress admin session of a logged-in user. No public exploit identified at time of analysis, and the issue is not on CISA's KEV list.