Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 9:28 a.m.6 views

CVE-2024-12263

The Child Theme Creator by Orbisius plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the clouddelete and cloudupdate functions in all versions up to, and including, 1.5.5. This makes it possible for authenticated attackers, with...

4.3CVSS6.5AI score0.0034EPSS
Exploits0References1
Circl
Circl
added 2024/12/12 6:27 a.m.6 views

CVE-2024-12263

creationtimestamp| type| source ---|---|--- 2024-12-12 06:27:28+00:00| seen| https://infosec.exchange/users/cve/statuses/113638430631222337 2024-12-12 07:58:32+00:00| seen| https://t.me/cvedetector/12733...

4.3CVSS8.7AI score0.0034EPSS
Exploits0References2
Cvelist
Cvelist
added 2024/12/12 5:24 a.m.15 views

CVE-2024-12263 Child Theme Creator by Orbisius <= 1.5.5 - Missing Authorization to Authenticated (Subscriber+) Cloud Snippet Update/Delete

The Child Theme Creator by Orbisius plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the clouddelete and cloudupdate functions in all versions up to, and including, 1.5.5. This makes it possible for authenticated attackers, with...

4.3CVSS0.0034EPSS
Exploits0References2
CVE
CVE
added 2024/12/12 5:24 a.m.43 views

CVE-2024-12263

CVE-2024-12263 affects the WordPress plugin Child Theme Creator by Orbisius . The issue is a missing capability check in the cloud_delete() and cloud_update() functions, enabling authenticated attackers with Subscriber-level access and above to modify or delete cloud snippets. The vulnerability w...

4.3CVSS6.5AI score0.0034EPSS
Exploits0References2
Rows per page
Query Builder