Vw Food Corner
Monthly
Missing authorization controls in the VW Food Corner WordPress theme (versions through 1.1.0) permit unauthenticated remote attackers to invoke restricted theme functionality without valid access credentials, resulting in availability impact. Reported by Patchstack and classified under CWE-862, the flaw stems from incorrectly configured access control levels that fail to verify caller identity or capability before executing protected actions. No active exploitation has been confirmed by CISA KEV, and no public exploit code has been identified at time of analysis.
Missing authorization controls in the VW Food Corner WordPress theme (versions through 1.1.0) permit unauthenticated remote attackers to invoke restricted theme functionality without valid access credentials, resulting in availability impact. Reported by Patchstack and classified under CWE-862, the flaw stems from incorrectly configured access control levels that fail to verify caller identity or capability before executing protected actions. No active exploitation has been confirmed by CISA KEV, and no public exploit code has been identified at time of analysis.