What the vulnerability does
01Description
Missing Authorization vulnerability in themeton The Business allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects The Business: from n/a through 1.6.1.
CVSS base score
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
What the vulnerability does
Missing Authorization vulnerability in themeton The Business allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects The Business: from n/a through 1.6.1.
Explanation of Vulnerability in Simple Terms
The Business theme for WordPress contains a missing authorization flaw that allows unauthenticated attackers to modify site content over the network. No special conditions or user interaction are required. The vulnerability affects versions up to 1.6.1. Site administrators should update to a version newer than 1.6.1 to remediate this issue.
What an attacker can do
Modify site content without authentication.
Potential impact on your site
Attackers can alter your site's content without logging in, potentially defacing pages or injecting malicious material.
Conditions required to exploit
Network access only; no authentication or user interaction required.
Key dates
External resources