What the vulnerability does
01Description
Unauthenticated Local File Inclusion in Lighthouse <= 1.2.12 versions.
CVSS base score
CVSS vector
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
What the vulnerability does
Unauthenticated Local File Inclusion in Lighthouse <= 1.2.12 versions.
Explanation of Vulnerability in Simple Terms
AncoraThemes Lighthouse versions up to 1.2.12 contain a vulnerability that allows an attacker to read sensitive data, modify site content, or disrupt service availability. The vulnerability requires complex network conditions to exploit but does not require authentication or user interaction. Site administrators should update to a version newer than 1.2.12 immediately.
What an attacker can do
Read sensitive data, modify site content, or cause the site to become unavailable.
Potential impact on your site
Your site's data confidentiality, integrity, and availability are at risk without a patch.
Conditions required to exploit
Network access; no authentication or user interaction required, but attack complexity is high.
Key dates
External resources
Related vulnerabilities