CVE-2025-1682 | ThemeMakers Car Dealer Automotive Theme up to 1.6.4 on WordPress Setting save_settings authorization

Inserito da Angelo Barbosa | Feb 28, 2025 | CVE

A vulnerability classified as critical was found in ThemeMakers Car Dealer Automotive Theme up to 1.6.4 on WordPress. Affected by this vulnerability is the function save_settings of the component Setting Handler. The manipulation leads to missing authorization.

This vulnerability is known as CVE-2025-1682. The attack can be launched remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2025-1682 | ThemeMakers Car Dealer Automotive Theme up to 1.6.4 on WordPress Setting save_settings authorization

Post correlati

CVE-2024-3495 | Country State City Dropdown CF7 Plugin up to 2.7.2 on WordPress sql injection

CVE-2024-49338 | IBM App Connect Enterprise up to 12.0.7.0/13.0.1.0 improper management of sensitive trace data

CVE-2024-4569 | Elementor Addon Elements Plugin up to 1.13.5 on WordPress cross site scripting

CVE-2024-56588 | Linux Kernel up to 6.12.4 hisi_sas null pointer dereference