Primary

Context

AivahThemes Anona WordPress Theme Path Traversal Vulnerability

Vulnerability

A path traversal vulnerability has been identified in the AivahThemes Anona WordPress theme, affecting versions through 8.0. This vulnerability allows for improper limitation of pathname, potentially leading to arbitrary file deletion. Exploiting this issue could enable a malicious actor to delete files from the website, including core files, which could disrupt the site's functionality.

Impact

Exploitation of this vulnerability could result in arbitrary file deletion from the affected WordPress site, with the potential to delete critical core files and disrupt site operations.

Remediation

Users are advised to update to a version of the AivahThemes Anona WordPress theme that is not vulnerable. Patchstack has issued a mitigation rule to block attacks targeting this vulnerability until an official fix is available.

Added: Jan 22, 2026, 5:18 PM

Updated: Jan 22, 2026, 5:18 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

5.4

exploitability

7.4

remediation

0.0

relevance

2.2

threat

0.0

urgency

2.9

incentive

4.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

5.4

exploitability

7.4

remediation

0.0

relevance

2.2

threat

0.0

urgency

2.9

incentive

4.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

AivahThemes Anona WordPress Theme Path Traversal Vulnerability

Vulnerability

Impact

Remediation

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating