Vulnerability CVE-2023-5360
Published: 2023-10-31

Description:
The Royal Elementor Addons and Templates WordPress plugin before 1.3.79 does not properly validate uploaded files, which could allow unauthenticated users to upload arbitrary files, such as PHP and achieve RCE.

See advisories in our WLB2 database:
Topic
Author
Date
High
Royal Elementor Addons and Templates 1.3.78 Unauthenticated Arbitrary File Upload
Sheikh Mohammad ...
06.04.2025

Type:

CWE-434

 (Unrestricted Upload of File with Dangerous Type)

 References:
https://wpscan.com/vulnerability/281518ff-7816-4007-b712-63aed7828b34
Copyright 2025, cxsecurity.com

 

Back to Top