CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Upperthemes: Security Vulnerabilities

CVE-2018-21013

The Swape theme before 1.2.1 for WordPress has incorrect access control, as demonstrated by allowing new administrator accounts via vectors involving xmlPath to wp-admin/admin-ajax.php.

CVSS Score

9.8

EPSS Score

0.008

Published

2019-09-09

Page 1

Vulnerabilities

Vulnerable Software

Upperthemes: Security Vulnerabilities

Products

Pricing

Contact Us