Vulnerabilities > CVE-2021-24982 - Unspecified vulnerability in Childtheme-Generator Child Theme Generator

CVSS 6.4 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

LOW

Integrity impact

LOW

Availability impact

NONE

network

low complexity

childtheme-generator

NVD

Published: 2022-03-14

Updated: 2024-11-21

Summary

The Child Theme Generator WordPress plugin through 2.2.7 does not sanitise escape the parade parameter before outputting it back, leading to a Reflected Cross-Site Scripting in the admin dashboard

Vulnerable Configurations

Part	Description	Count
Application	Childtheme-Generator Childtheme Generator Child Theme Generator *	1

References

https://wpscan.com/vulnerability/8e53f15e-8b6a-4d47-a40d-4ebbe6934286
https://wpscan.com/vulnerability/8e53f15e-8b6a-4d47-a40d-4ebbe6934286