Vulnerabilities > Thinkupthemes

DATE	CVE	VULNERABILITY TITLE	RISK
2022-02-07	CVE-2021-24947	Unrestricted Upload of File with Dangerous Type vulnerability in Thinkupthemes Responsive Vector Maps The RVM WordPress plugin before 6.4.2 does not have proper authorisation, CSRF checks and validation of the rvm_upload_regions_file_path parameter in the rvm_import_regions AJAX action, allowing any authenticated user, such as subscriber, to read arbitrary files on the web server network low complexity thinkupthemes CWE-434	6.5

Vulnerabilities > Thinkupthemes {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Thinkupthemes"}]}