Deactivate and delete. The vendor ignores the vulnerability reports, avoids any conversation.
FearZzZz discovered and reported this Broken Access Control vulnerability in WordPress Uncode Lite Theme. This vulnerability has not been known to be fixed yet.
CrossSite Request Forgery (CSRF) leading to Arbitrary Plugin Activation/Deactivation
24.01.2022
Arbitrary File Upload vulnerability
28.11.2021