PT-2020-9884 · WordPress · Onetone

Jerome Bruandet

Published

2020-04-03

Updated

2020-08-24

CVE-2019-17230

CVSS v3.1

5.3

Medium

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

Name of the Vulnerable Software and Affected Versions OneTone theme versions 3.0.6 and earlier for WordPress

Description The issue allows unauthenticated options changes due to a problem in the includes/theme-functions.php file.

Recommendations For OneTone theme versions 3.0.6 and earlier, update to a version later than 3.0.6 to resolve the issue.

Exploit

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

CVE-2019-17230

Onetone