Name of the Vulnerable Software and Affected Versions:

LiquidThemes WordPress plugins and themes (affected versions not specified)

Description:

Multiple plugins and/or themes developed by LiquidThemes for WordPress are susceptible to unauthorized access due to the absence of a capability check within the `liquid reset wordpress before` AJAX function. This allows authenticated attackers with Subscriber-level access or higher to deactivate all plugins on a WordPress site. The developer implemented a nonce check as a mitigation, but this measure is insufficient as the nonce is exposed to users with dashboard access.

Recommendations:

At the moment, there is no information about a newer version that contains a fix for this vulnerability.