CVE-2025-1682 | ThemeMakers Car Dealer Automotive Theme up to 1.6.4 on WordPress Setting save_settings authorization

Posted by Angelo Barbosa | Feb 28, 2025 | CVE

A vulnerability classified as critical was found in ThemeMakers Car Dealer Automotive Theme up to 1.6.4 on WordPress. Affected by this vulnerability is the function save_settings of the component Setting Handler. The manipulation leads to missing authorization.

This vulnerability is known as CVE-2025-1682. The attack can be launched remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2025-1682 | ThemeMakers Car Dealer Automotive Theme up to 1.6.4 on WordPress Setting save_settings authorization

Related Posts

CVE-2024-30998 | PHPGurukul Men Salon Management System 2.0 index.php email sql injection

CVE-2024-6958 | itsourcecode University Management System 1.0 Avatar File /st_update.php personal_image unrestricted upload

CVE-2024-38526 | mitmproxy pdoc up to 14.5.0 polyfill.io vulnerable third-party component (GHSA-5vgj-ggm4-fg62)

CVE-2024-46962 | SYQ Master Video Downloader up to 2.0 on Android SpeedMainAct Privilege Escalation