High severity8.8NVD Advisory· Published Nov 16, 2020· Updated Jun 17, 2026
CVE-2020-28649
CVE-2020-28649
Description
The orbisius-child-theme-creator plugin before 1.5.2 for WordPress allows CSRF via orbisius_ctc_theme_editor_manage_file.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3- WordPress/orbisius-child-theme-creatordescription
- Range: <1.5.2
- Range: <1.5.2
Patches
Vulnerability mechanics
References
2- www.wordfence.com/blog/2020/10/high-severity-vulnerability-patched-in-child-theme-creator-by-orbisius/nvdExploitThird Party Advisory
- wordpress.org/plugins/orbisius-child-theme-creator/nvdProductThird Party Advisory
News mentions
0No linked articles in our index yet.