107 matches found
WordPress WP Child Theme Generator < 1.1.3 - Arbitrary File Upload
Unrestricted Upload of File with Dangerous Type vulnerability in WEN Solutions WP Child Theme Generator.This issue affects WP Child Theme Generator- from n/a through 1.0.9. id: CVE-2023-47873 info: name: WordPress WP Child Theme Generator 1.1.3 - Arbitrary File Upload author: cysamu,Crux severity...
CVE-2026-57655
Unauthenticated Cross Site Request Forgery CSRF in Child Theme Wizard = 1.4 versions...
CVE-2026-57655
The CVE-2026-57655 entry concerns the WordPress plugin WordPress Child Theme Wizard (versions
CVE-2026-57655
Unauthenticated Cross Site Request Forgery CSRF in Child Theme Wizard = 1.4 versions...
EUVD-2026-39770
Unauthenticated Cross Site Request Forgery CSRF in Child Theme Wizard = 1.4 versions...
CVE-2026-57655 WordPress Child theme Wizard plugin <= 1.4 - Cross Site Request Forgery (CSRF) vulnerability
Unauthenticated Cross Site Request Forgery CSRF in Child Theme Wizard = 1.4 versions...
WordPress Child theme Wizard plugin <= 1.4 - Cross Site Request Forgery (CSRF) vulnerability
Cross Site Request Forgery CSRF vulnerability discovered by Ananda Dhakal Patchstack in WordPress Plugin Child Theme Wizard versions = 1.4...
PT-2026-52825
Name of the Vulnerable Software and Affected Versions Child Theme Wizard versions 1.4 and earlier Description An unauthenticated Cross Site Request Forgery CSRF exists, which allows attackers to force users to execute unwanted actions. CSRF is a type of attack that tricks a victim into submitting...
EUVD-2026-26747
The Ona theme for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 1.26 via the onaactivatechildtheme. This makes it possible for authenticated attackers, with administrator-level access and above, to make web requests to arbitrary locations originating...
CVE-2026-6812
The Ona theme for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 1.26 via the onaactivatechildtheme. This makes it possible for authenticated attackers, with administrator-level access and above, to make web requests to arbitrary locations originating...
PT-2026-36579
The Ona theme for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 1.26 via the ona activate child theme. This makes it possible for authenticated attackers, with administrator-level access and above, to make web requests to arbitrary locations...
WordPress Child Theme Creator by Orbisius plugin <= 1.5.5 - Missing Authorization to Authenticated (Subscriber+) Cloud Snippet Update/Delete vulnerability
Missing Authorization to Authenticated Subscriber+ Cloud Snippet Update/Delete vulnerability discovered by Tieu Pham Trong Nhan - TechlabCorp in WordPress Plugin Child Theme Creator versions = 1.5.5...
EUVD-2020-21047
Malware in sbrugna...
EUVD-2019-6739
Malware in sbrugna...
EUVD-2021-11894
Malware in sbrugna...
EUVD-2015-9296
Malware in sbrugna...
EUVD-2024-40168
Malicious code in bioql PyPI...
EUVD-2024-29175
Malicious code in bioql PyPI...
EUVD-2024-50727
Malicious code in bioql PyPI...
EUVD-2024-32189
Malicious code in bioql PyPI...