What the vulnerability does
01Description
Unauthenticated Local File Inclusion in Pearl - Corporate Business <= 3.4.10 versions.
CVSS base score
CVSS vector
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
What the vulnerability does
Unauthenticated Local File Inclusion in Pearl - Corporate Business <= 3.4.10 versions.
Explanation of Vulnerability in Simple Terms
Pearl – Corporate Business theme versions up to 3.4.10 contain a vulnerability that allows unauthenticated attackers to read sensitive data, modify site content, or disrupt service availability. The attack requires specific technical conditions but no user interaction. Site administrators should update immediately to a version newer than 3.4.10.
What an attacker can do
Read sensitive data, modify site content, or cause the site to become unavailable without needing to log in.
Potential impact on your site
Confidential data exposure, unauthorized content changes, or service disruption affecting your site's availability and integrity.
Conditions required to exploit
Network access to the site; specific technical conditions must be met (attack complexity is high).
Key dates
External resources
Related vulnerabilities