4
CVSSv2

CVE-2015-9456

Published: 07/10/2019 Updated: 10/10/2019
CVSS v2 Base Score: 4 | Impact Score: 2.9 | Exploitability Score: 8
CVSS v3 Base Score: 6.5 | Impact Score: 3.6 | Exploitability Score: 2.8
VMScore: 356
Vector: AV:N/AC:L/Au:S/C:N/I:P/A:N

Vulnerability Summary

The orbisius-child-theme-creator plugin prior to 1.2.8 for WordPress has incorrect access control for file modification via the wp-admin/admin-ajax.php?action=orbisius_ctc_theme_editor_ajax&sub_cmd=save_file theme_1, theme_1_file, or theme_1_file_contents parameter.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

orbisius child theme creator