CVE-2025-53345

ThimPress · Thim Core

A missing authorization vulnerability in ThimPress Thim Core allows for arbitrary code execution after installing a malicious plugin.

Executive summary

ThimPress Thim Core contains a high-severity authorization flaw that permits code execution by low-privileged users.

Vulnerability

This is a missing authorization vulnerability where the application fails to perform adequate capability checks. An attacker with low privileges can exploit this to install malicious plugins, resulting in remote code execution on the system.

Business impact

The CVSS score of 8.8 reflects the significant potential for total system compromise. By gaining the ability to execute code, an attacker can steal sensitive data, modify system configurations, or deploy persistent backdoors, leading to severe reputational and operational damage.

Remediation

Immediate Action: Update the Thim Core plugin to version 2.3.4 or later.

Proactive Monitoring: Monitor for the unauthorized installation of new plugins and audit user account activity for signs of privilege abuse.

Compensating Controls: Implement a Web Application Firewall (WAF) to block suspicious requests targeting plugin installation or management endpoints.

Exploitation status

Public Exploit Available: false

Analyst recommendation

Organizations utilizing ThimPress Thim Core must upgrade to version 2.3.4 immediately. Given the ease with which this vulnerability can lead to code execution, minimizing the attack surface by restricting plugin installation capabilities to administrative roles is highly recommended.
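The vulnerability class described above, and the recommendation to restrict plugin installation to administrative roles, are illustrated below in WordPress PHP. This is an added example for this advisory, not Thim Core's code and not a reconstruction of the actual flaw: the hook and function names (`demo_install_plugin`, `demo_install_plugin_safe`, `demo_install_and_activate`) are hypothetical, while the WordPress core APIs it calls (`add_action`, `check_ajax_referer`, `current_user_can`, `plugins_api`, `Plugin_Upgrader`, `activate_plugin`) are real. The first handler is the pattern a missing-authorization bug takes in a WordPress plugin; the second is the hardened form.

```php
<?php
/**
 * Added illustration of the vulnerability class in this advisory.
 * NOT Thim Core's code; hook and function names are hypothetical.
 * Contrasts an AJAX handler that installs a plugin with no capability
 * check against one that verifies intent (nonce) and authority (capability).
 */

// --- Vulnerable pattern (hypothetical) ---
// wp_ajax_* hooks fire for EVERY authenticated user, regardless of role,
// so the handler itself must check capabilities. This one does not.
add_action( 'wp_ajax_demo_install_plugin', 'demo_install_plugin_vulnerable' );

function demo_install_plugin_vulnerable() {
    // No nonce check and no current_user_can() check: a subscriber-level
    // account reaches this code and the plugin it names gets installed.
    $slug = sanitize_key( $_POST['slug'] ?? '' );
    demo_install_and_activate( $slug );
    wp_send_json_success();
}

// --- Hardened pattern ---
add_action( 'wp_ajax_demo_install_plugin_safe', 'demo_install_plugin_safe' );

function demo_install_plugin_safe() {
    // Reject requests that do not carry a nonce issued for this action (CSRF).
    check_ajax_referer( 'demo_install_plugin', 'nonce' );

    // On single-site WordPress only Administrators hold install_plugins;
    // on multisite only Super Admins do. Everyone else is refused here.
    if ( ! current_user_can( 'install_plugins' ) || ! current_user_can( 'activate_plugins' ) ) {
        wp_send_json_error( array( 'message' => 'Insufficient permissions.' ), 403 );
    }

    $slug = sanitize_key( $_POST['slug'] ?? '' );
    if ( '' === $slug ) {
        wp_send_json_error( array( 'message' => 'Missing plugin slug.' ), 400 );
    }

    $result = demo_install_and_activate( $slug );
    if ( is_wp_error( $result ) ) {
        wp_send_json_error( array( 'message' => $result->get_error_message() ), 500 );
    }
    wp_send_json_success();
}

/**
 * Shared helper (hypothetical name): installs a plugin from WordPress.org
 * by slug and activates it, using core's upgrader classes.
 * Returns null on success or a WP_Error on failure.
 */
function demo_install_and_activate( $slug ) {
    require_once ABSPATH . 'wp-admin/includes/class-wp-upgrader.php';
    require_once ABSPATH . 'wp-admin/includes/plugin-install.php';
    require_once ABSPATH . 'wp-admin/includes/plugin.php';

    $api = plugins_api(
        'plugin_information',
        array( 'slug' => $slug, 'fields' => array( 'sections' => false ) )
    );
    if ( is_wp_error( $api ) ) {
        return $api;
    }

    $upgrader  = new Plugin_Upgrader( new WP_Ajax_Upgrader_Skin() );
    $installed = $upgrader->install( $api->download_link );
    if ( is_wp_error( $installed ) || ! $installed ) {
        return new WP_Error( 'install_failed', 'Plugin installation failed.' );
    }

    return activate_plugin( $upgrader->plugin_info() );
}
```

The two handlers share the same installation helper; the only difference is that the hardened one refuses the request before that helper runs unless the caller proves both a valid nonce and the `install_plugins` capability. When auditing a plugin for this class of bug, look at every `wp_ajax_*`, REST route `permission_callback`, and `admin_post_*` handler that can modify plugins or files, and confirm each one performs its own `current_user_can()` check rather than relying on the user merely being logged in.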