Tobias Westphal

**Name of the Vulnerable Software and Affected Versions** ThemeREX Addons plugin versions prior to 2020-03-09 **Description** The issue concerns a lack of access control on the "/trx addons/v2/get/sc layout" API endpoint, allowing any user to execute PHP functions. This is due to the `trx addons rest get sc layout` function being called with an unsafe `sc` parameter in the includes/plugin.rest-api.php file. **Recommendations** For ThemeREX Addons plugin versions prior to 2020-03-09, update to a version released after 2020-03-09 to resolve the issue. As a temporary workaround, consider restricting access to the "/trx addons/v2/get/sc layout" API endpoint to minimize the risk of exploitation.