Summary: A critical security vulnerability (CVE-2024-12857) has been identified in the AdForest WordPress theme, allowing attackers to bypass authentication and gain unauthorized access. This flaw affects all versions up to 5.1.8 and poses a significant risk to site security. Users are urged to update to version 5.1.9 to mitigate this threat.
Threat Actor: Unknown | unknown
Victim: AdForest WordPress theme users | AdForest WordPress theme users
Keypoints :
- Vulnerability rated CVSS 9.8 allows unauthenticated access to any user account.
- Attackers can compromise sites, modify content, and steal sensitive information.
- Immediate update to version 5.1.9 is recommended to protect against this flaw.