CVE-2026-40749CRITICAL NVDCVSS Score 9.9Severity CRITICALPublished Jun 17, 2026Vendor unknownDescriptionSubscriber Arbitrary File Upload in Charity Zone <= 1.1.1 versions.Referenceshttps://patchstack.com/database/wordpress/theme/charity-zone/vulnerability/wordpress-charity-zone-theme-1-1-1-arbitrary-file-upload-vulnerability?_s_id=cve