Lucene search

CVE-2020-28649

🗓️ 16 Nov 2020 04:12:15Reported by [email protected]Type

The orbisius-child-theme-creator plugin for WordPress is vulnerable to CSRF via orbisius_ctc_theme_editor_manage_file

5 of 5AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 6
Prion	Cross site request forgery (csrf)	16 Nov 202004:15	–	prion
Cvelist	CVE-2020-28649	16 Nov 202002:50	–	cvelist
WPVulnDB	Child Theme Creator by Orbisius < 1.5.2 - CSRF to Arbitrary File Modification/Creation	14 Oct 202000:00	–	wpvulndb
CVE	CVE-2020-28649	16 Nov 202004:15	–	cve
wpexploit	Child Theme Creator by Orbisius < 1.5.2 - CSRF to Arbitrary File Modification/Creation	14 Oct 202000:00	–	wpexploit
RedhatCVE	CVE-2020-28649	5 Feb 202514:05	–	redhatcve

Nvd

Node

orbisius child_theme_creatorRange<1.5.2wordpress

Source	Link
wordfence	www.wordfence.com/blog/2020/10/high-severity-vulnerability-patched-in-child-theme-creator-by-orbisius/
wordpress	www.wordpress.org/plugins/orbisius-child-theme-creator/

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

16 Nov 2020 04:15Current

8.9High risk

Vulners AI Score8.9

CVSS26.8

CVSS38.8

EPSS0.003

CWE-352