Multiple Authenticated Arbitrary File Download vulnerabilities found by Nguyen Van Khanh and WPScan security research team in WordPress Theme Editor plugin (versions <= 2.5).
Solution
Update the WordPress Theme Editor plugin to the latest available version (at least 2.6).
Found a vulnerability that puts your sites at risk?