Vulnerabilities > Orbisius > Child Theme Creator > 1.5.1
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-08-18 | CVE-2024-43276 | Cross-site Scripting vulnerability in Orbisius Child Theme Creator Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Svetoslav Marinov (Slavi) Child Theme Creator allows Reflected XSS.This issue affects Child Theme Creator: from n/a through 1.5.4. | 6.1 |
| 2020-11-16 | CVE-2020-28649 | Cross-Site Request Forgery (CSRF) vulnerability in Orbisius Child Theme Creator The orbisius-child-theme-creator plugin before 1.5.2 for WordPress allows CSRF via orbisius_ctc_theme_editor_manage_file. | 8.8 |