Podatność CVE-2023-5360
Publikacja: 2023-10-31

Opis:
The Royal Elementor Addons and Templates WordPress plugin before 1.3.79 does not properly validate uploaded files, which could allow unauthenticated users to upload arbitrary files, such as PHP and achieve RCE.

W naszej bazie, znaleźliśmy następujące noty dla tego CVE:
Tytuł
Autor
Data
High
Royal Elementor Addons and Templates 1.3.78 Unauthenticated Arbitrary File Upload
Sheikh Mohammad ...
06.04.2025

Typ:

CWE-434

 (Unrestricted Upload of File with Dangerous Type)

 Referencje:
https://wpscan.com/vulnerability/281518ff-7816-4007-b712-63aed7828b34
Copyright 2025, cxsecurity.com

 

Back to Top