SkDevilS

1 exploit Active since Mar 2022
CVE-2022-26965 NOMISEC HIGH WORKING POC
Pluck 4.7.16 - Authenticated Remote Code Execution via Theme Upload
In Pluck 4.7.16, an admin user can use the theme upload functionality at /admin.php?action=themeinstall to perform remote code execution.
CVSS 7.2