CVE-2023-47873

CRITICAL NUCLEI

Wensolutions WP Child Theme Generator - Unrestricted File Upload

Title source: rule

Description

Unrestricted Upload of File with Dangerous Type vulnerability in WEN Solutions WP Child Theme Generator.This issue affects WP Child Theme Generator: from n/a through 1.0.9.

Exploits (1)

github WORKING POC 3 stars

by certuscyber · pythonpoc

https://github.com/certuscyber/cve-pocs/tree/main/CVE-2023-47873

View Code ZIP pw:eip

Nuclei Templates (1)

WordPress WP Child Theme Generator < 1.1.3 - Arbitrary File Upload

CRITICALVERIFIEDby cysamu,Crux

References (1)

[Third Party Advisory] https://patchstack.com/database/vulnerability/wp-child-theme-generator/wordpress-wp-child-theme-generator-plugin-1-0-8-arbitrary-file-upload-vulnerability?_s_id=cve

Scores

CVSS v3 9.1

EPSS 0.1296

EPSS Percentile 94.1%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

Details

CWE

CWE-434

Status published

Products (1)

wensolutions/wp_child_theme_generator < 1.1.3

Published Mar 26, 2024

Tracked Since Feb 18, 2026