Vulnerabilities > Orbisius

DATE	CVE	VULNERABILITY TITLE	RISK
2024-08-18	CVE-2024-43276	Cross-site Scripting vulnerability in Orbisius Child Theme Creator Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Svetoslav Marinov (Slavi) Child Theme Creator allows Reflected XSS.This issue affects Child Theme Creator: from n/a through 1.5.4. network low complexity orbisius CWE-79	6.1
2020-11-16	CVE-2020-28649	Cross-Site Request Forgery (CSRF) vulnerability in Orbisius Child Theme Creator The orbisius-child-theme-creator plugin before 1.5.2 for WordPress allows CSRF via orbisius_ctc_theme_editor_manage_file. network low complexity orbisius CWE-352	8.8
2019-10-07	CVE-2015-9456	Incorrect Permission Assignment for Critical Resource vulnerability in Orbisius Child Theme Creator The orbisius-child-theme-creator plugin before 1.2.8 for WordPress has incorrect access control for file modification via the wp-admin/admin-ajax.php?action=orbisius_ctc_theme_editor_ajax&sub_cmd=save_file theme_1, theme_1_file, or theme_1_file_contents parameter. network low complexity orbisius CWE-732	6.5

Vulnerabilities > Orbisius {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Orbisius"}]}