exploitDog

GHSA-j47r-gcvh-59g7

Опубликовано: 13 фев. 2023

Источник: github

Github: Не прошло ревью

CVSS3: 8.8

Описание

The Enable Media Replace WordPress plugin before 4.0.2 does not prevent authors from uploading arbitrary files to the site, which may allow them to upload PHP shells on affected sites.

The Enable Media Replace WordPress plugin before 4.0.2 does not prevent authors from uploading arbitrary files to the site, which may allow them to upload PHP shells on affected sites.

Ссылки

EPSS

Процентиль: 76%

0.00933

Низкий

8.8 High

CVSS3

CVE ID

Дефекты

CWE-434

Связанные уязвимости

CVE-2023-0255

CVSS3: 8.8

nvd

почти 3 года назад

The Enable Media Replace WordPress plugin before 4.0.2 does not prevent authors from uploading arbitrary files to the site, which may allow them to upload PHP shells on affected sites.

EPSS

Процентиль: 76%

0.00933

Низкий

8.8 High

CVSS3

CVE ID

Дефекты

CWE-434