Bricks Builder, a WordPress development theme with approximately 25,000 active installations, is vulnerable to unauthenticated remote code execution (RCE) in versions <= 1.9.6. Attackers can exploit this vulnerability to execute arbitrary commands and compromise the server hosting the affected WordPress site.
View the template here CVE-2024-25600.yaml
References:
https://nvd.nist.gov/vuln/detail/CVE-2024-25600