CVE ID :CVE-2025-15445 Published : March 28, 2026, 6:16 a.m. | 1 hour, 46 minutes ago Description :The Restaurant Cafeteria WordPress theme through 0.4.6 exposes insecure admin-ajax actions without nonce or capability checks, allowing any logged-in user, like subscriber, to perform privileged operations. An attacker can install and activate a from a user-supplied URL, leading to arbitrary PHP code execution, and also import demo content that rewrites site configuration, including Restaurant Cafeteria WordPress theme through 0.4.6_mods, pages, menus, and front page settings. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more...