Wensolutions Wp Child Theme Generator vulnerabilities
2 known vulnerabilities affecting wensolutions/wp_child_theme_generator.
Total CVEs
2
CISA KEV
0
Public exploits
1
Exploited in wild
0
Severity breakdown
HIGH1MEDIUM1
Vulnerabilities
Page 1 of 1
CVE-2023-47873P3HIGHCVSS 7.2PoCfixed in 1.1.32024-03-26
CVE-2023-47873 [HIGH] CWE-434 CVE-2023-47873: Unrestricted Upload of File with Dangerous Type vulnerability in WEN Solutions WP Child Theme Genera
Unrestricted Upload of File with Dangerous Type vulnerability in WEN Solutions WP Child Theme Generator.This issue affects WP Child Theme Generator: from n/a through 1.0.9.
nvd
CVE-2024-3610P4MEDIUMCVSS 5.3fixed in 1.1.22024-06-21
CVE-2024-3610 [MEDIUM] CWE-862 CVE-2024-3610: The WP Child Theme Generator plugin for WordPress is vulnerable to unauthorized modification of data
The WP Child Theme Generator plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the wctg_easy_child_theme() function in all versions up to, and including, 1.1.1. This makes it possible for unauthenticated attackers to create a blank child theme and activate it cause the site to whitescreen.
nvd