GHSA-g2vm-hcjg-cch9

Опубликовано: 22 окт. 2025

Источник: github

Github: Не прошло ревью

CVSS3: 8.2

Описание

Improper Control of Generation of Code ('Code Injection') vulnerability in Bearsthemes Alone alone allows Code Injection.This issue affects Alone: from n/a through <= 7.8.3.

Ссылки

https://nvd.nist.gov/vuln/detail/CVE-2025-60206
https://patchstack.com/database/Wordpress/Theme/alone/vulnerability/wordpress-alone-theme-7-8-3-remote-code-execution-rce-vulnerability?_s_id=cve
https://vdp.patchstack.com/database/Wordpress/Theme/alone/vulnerability/wordpress-alone-theme-7-8-3-remote-code-execution-rce-vulnerability
https://vdp.patchstack.com/database/Wordpress/Theme/alone/vulnerability/wordpress-alone-theme-7-8-3-remote-code-execution-rce-vulnerability?_s_id=cve

EPSS

Процентиль: 22%

0.00071

Низкий

8.2 High

CVSS3

CVE ID

CVE-2025-60206

Дефекты

CWE-94

Связанные уязвимости

CVE-2025-60206

CVSS3: 10

nvd

4 месяца назад

Improper Control of Generation of Code ('Code Injection') vulnerability in Bearsthemes Alone alone allows Code Injection.This issue affects Alone: from n/a through <= 7.8.3.

EPSS

Процентиль: 22%

0.00071

Низкий

8.2 High

CVSS3

CVE ID

CVE-2025-60206

Дефекты

CWE-94