Orbisius: >> Child Theme Creator >> 1.3.4 Security Vulnerabilities
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Svetoslav Marinov (Slavi) Child Theme Creator allows Reflected XSS.This issue affects Child Theme Creator: from n/a through 1.5.4.
CVSS Score
7.1
EPSS Score
0.001
Published
2024-08-18
The orbisius-child-theme-creator plugin before 1.5.2 for WordPress allows CSRF via orbisius_ctc_theme_editor_manage_file.
CVSS Score
8.8
EPSS Score
0.003
Published
2020-11-16