Volerion logoVolerion
Volerion logoVolerion

AgniHD Cartify WooCommerce Gutenberg WordPress Theme Missing Authorization Vulnerability Allowing Arbitrary Content Deletion

Vulnerability

A missing authorization vulnerability has been identified in the AgniHD Cartify WooCommerce Gutenberg WordPress Theme, affecting versions through 1.3. This vulnerability arises from incorrectly configured access control, allowing unauthorized deletion of content such as images, posts, or pages.

Impact

Exploitation of this vulnerability could lead to unauthorized deletion of content from affected WordPress sites, including images, posts, or pages.

Remediation

Users are advised to update to a version of the AgniHD Cartify WooCommerce Gutenberg WordPress Theme that is later than 1.3. For those using Patchstack, a mitigation rule has been issued to block attacks until an official patch is available.

Added: Feb 20, 2026, 4:35 PM
Updated: Feb 20, 2026, 6:26 PM

Vulnerability Rating

Custom Algorithm
spread
0.0
impact
2.5
exploitability
5.2
remediation
0.0
relevance
3.2
threat
0.0
urgency
2.9
incentive
0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.