Description
Subscriber Arbitrary File Upload in Restaurt <= 1.0.4 versions.
Published: 2026-06-17
Score: 9.9 Critical
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

A vulnerability exists in the Restaurt WordPress theme that allows an authenticated subscriber to upload files to the server without proper validation. The flaw, limited to themes 1.0.4 and earlier, permits the placement of arbitrary files on the web server. The potential impact is significant because the uploaded file could be an executable script or other malicious content that, if later accessed, might run with the server’s privileges. The CVSS score of 9.9 indicates that this weakness could enable remote code execution, even though the description does not detail the exact execution path; the medium for the impact is therefore inferred from the severity rating.

Affected Systems

The issue affects installations of the Restaurt theme distributed by Zozothemes, specifically all releases version 1.0.4 and earlier. WordPress sites that have not upgraded past this version are susceptible to the arbitrary file upload flaw.

Risk and Exploitability

The CVSS score of 9.9 classifies the vulnerability as critical, and the highest likelihood of exploitation is through the theme’s web interface by any authenticated subscriber. EPSS is not available, and the vulnerability is not listed in the CISA KEV catalog. An attacker can submit a crafted file through the upload function, and if the server simply stores or serves the file without further checks, the risk of executing malicious code is high, especially if the file lands in a directory accessible via the web.

Generated by OpenCVE AI on June 18, 2026 at 14:11 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade the Restaurt theme to a version that removes the open file upload functionality.
  • If an upgrade is not possible immediately, disable or remove the upload feature for subscriber users and restrict file uploads to administrators only.
  • Apply server‑side file type checks and size limits to reject all unexpected uploads, ensuring that only safe image or media types are accepted.

Generated by OpenCVE AI on June 18, 2026 at 14:11 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Sun, 21 Jun 2026 09:45:00 +0000

Type Values Removed Values Added
First Time appeared Wordpress
Wordpress wordpress
Zozothemes
Zozothemes restaurt
Vendors & Products Wordpress
Wordpress wordpress
Zozothemes
Zozothemes restaurt

Wed, 17 Jun 2026 13:30:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Wed, 17 Jun 2026 11:15:00 +0000

Type Values Removed Values Added
Description Subscriber Arbitrary File Upload in Restaurt <= 1.0.4 versions.
Title WordPress Restaurt theme <= 1.0.4 - Arbitrary File Upload vulnerability
Weaknesses CWE-434
References
Metrics cvssV3_1

{'score': 9.9, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H'}


Subscriptions

Wordpress Wordpress
Zozothemes Restaurt
cve-icon MITRE

Status: PUBLISHED

Assigner: Patchstack

Published:

Updated: 2026-06-17T12:36:49.436Z

Reserved: 2026-01-07T12:21:02.765Z

Link: CVE-2026-22327

cve-icon Vulnrichment

Updated: 2026-06-17T12:36:43.928Z

cve-icon NVD

No data.

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-06-20T23:04:41Z

Weaknesses
  • CWE-434

    Unrestricted Upload of File with Dangerous Type