Themes Vulnerabilities
Mesmerize & Materialis Themes - Authenticated Options Update
Description
Discovered by NinTechNet, both the Mesmerize and Materialis WordPress themes were affected by an authenticated options update vulnerability. This could allow a lower privileged user to update site options, which they should not be permitted to.
Affects Themes
Fixed in 1.6.90
Fixed in 1.0.173
References
Miscellaneous
Original Researcher
NinTechNet
Verified
No
WPVDB ID
Timeline
Publicly Published
2019-12-02 (about 4 years ago)
Added
2019-12-02 (about 4 years ago)
Last Updated
2023-06-08 (about 11 months ago)