100 matches found
WordPress WP Child Theme Generator < 1.1.3 - Arbitrary File Upload
Unrestricted Upload of File with Dangerous Type vulnerability in WEN Solutions WP Child Theme Generator.This issue affects WP Child Theme Generator- from n/a through 1.0.9. id: CVE-2023-47873 info: name: WordPress WP Child Theme Generator 1.1.3 - Arbitrary File Upload author: cysamu,Crux severity...
CVE-2026-6812
The Ona theme for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 1.26 via the onaactivatechildtheme. This makes it possible for authenticated attackers, with administrator-level access and above, to make web requests to arbitrary locations originating...
EUVD-2026-26747
The Ona theme for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 1.26 via the onaactivatechildtheme. This makes it possible for authenticated attackers, with administrator-level access and above, to make web requests to arbitrary locations originating...
PT-2026-36579
The Ona theme for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 1.26 via the ona activate child theme. This makes it possible for authenticated attackers, with administrator-level access and above, to make web requests to arbitrary locations...
WordPress Child Theme Creator by Orbisius plugin <= 1.5.5 - Missing Authorization to Authenticated (Subscriber+) Cloud Snippet Update/Delete vulnerability
Missing Authorization to Authenticated Subscriber+ Cloud Snippet Update/Delete vulnerability discovered by Tieu Pham Trong Nhan - TechlabCorp in WordPress Plugin Child Theme Creator versions = 1.5.5...
EUVD-2020-21047
Malware in sbrugna...
EUVD-2015-9296
Malware in sbrugna...
EUVD-2019-6739
Malware in sbrugna...
EUVD-2021-11894
Malware in sbrugna...
EUVD-2024-50727
Malicious code in bioql PyPI...
EUVD-2024-32189
Malicious code in bioql PyPI...
EUVD-2024-29175
Malicious code in bioql PyPI...
EUVD-2024-40168
Malicious code in bioql PyPI...
EUVD-2025-15747
Malicious code in bioql PyPI...
CVE-2024-31279
Cross-Site Request Forgery CSRF vulnerability in Catch Plugins Generate Child Theme.This issue affects Generate Child Theme: from n/a through 2.0...
CVE-2024-12263
The Child Theme Creator by Orbisius plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the clouddelete and cloudupdate functions in all versions up to, and including, 1.5.5. This makes it possible for authenticated attackers, with...
CVE-2024-3610
The WP Child Theme Generator plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the wctgeasychildtheme function in all versions up to, and including, 1.1.1. This makes it possible for unauthenticated attackers to create a blank child theme...
CVE-2023-47873
Unrestricted Upload of File with Dangerous Type vulnerability in WEN Solutions WP Child Theme Generator.This issue affects WP Child Theme Generator: from n/a through 1.0.9...
CVE-2015-9456
The orbisius-child-theme-creator plugin before 1.2.8 for WordPress has incorrect access control for file modification via the wp-admin/admin-ajax.php?action=orbisiusctcthemeeditorajax⊂cmd=savefile theme1, theme1file, or theme1filecontents parameter...
CVE-2025-39375
Cross-Site Request Forgery CSRF vulnerability in Ashok G Easy Child Theme Creator easy-child-theme-creator allows Cross Site Request Forgery.This issue affects Easy Child Theme Creator: from n/a through = 1.3.1...