ThreatPress

WordPress Vulnerabilities Database

Back

WordPress Child Theme Creator Plugin <= 1.2.6 - Arbitrary File Write

Product
Child Theme Creator
Description
Because of this vulnerability, remote authenticated users can write arbitrary content to existing files in theme directory.
Solution
Update this plugin.
Classification
Type Unknown
References
CVE
Name CVE-N/A
Versions
Affected In <= 1.2.6
Fixed In 1.2.8
Disclosure date
2015-07-08
Credits
Marcin Probola
Submitter
ThreatPress