[HIGH] baserCMS Path Traversal Leads to Arbitrary File Write and RCE via Theme File API

PKSA-6jcy-61hj-18tr CVE-2026-30940 GHSA-c5c6-37vq-pjcq

Affected package: baserproject/basercms

Affected version: <=5.2.2

Reported by:
GitHub