WordPress · Greyd.Suite · CVE-2022-2180
**Name of the Vulnerable Software and Affected Versions**
GREYD.SUITE WordPress theme (affected versions not specified)
**Description**
The issue concerns the GREYD.SUITE WordPress theme, which fails to properly validate uploaded custom font packages and does not perform authorization or CSRF checks. This allows an unauthenticated attacker to upload arbitrary files, including PHP source files, potentially leading to remote code execution (RCE).
**Recommendations**
At the moment, there is no information about a newer version that contains a fix for this vulnerability.