Reflected Cross-Site Scripting (XSS) vulnerability discovered by JrXnm in WordPress Child Theme Generator plugin (versions <= 2.2.7).
Deactivate and delete. This plugin has been closed as of November 18, 2021 and is not available for download. Reason: Security Issue.