{"vulnerability": "CVE-2015-9456", "sightings": [{"uuid": "91365522-767a-4492-bc66-2a3684956abc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2015-9456", "type": "seen", "source": "https://t.me/cibsecurity/7266", "content": "ATENTION\u203c New - CVE-2015-9456\n\nThe orbisius-child-theme-creator plugin before 1.2.8 for WordPress has incorrect access control for file modification via the wp-admin/admin-ajax.php?action=orbisius_ctc_theme_editor_ajax&sub_cmd=save_file theme_1, theme_1_file, or theme_1_file_contents parameter.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2019-10-08T15:49:25.000000Z"}]}