exploitDog

GHSA-q25f-2gjj-7ppp

Опубликовано: 27 фев. 2024

Источник: github

Github: Не прошло ревью

CVSS3: 7.5

Описание

The WP JobSearch WordPress plugin before 2.3.4 does not validate files to be uploaded, which could allow unauthenticated attackers to upload arbitrary files such as PHP on the server

The WP JobSearch WordPress plugin before 2.3.4 does not validate files to be uploaded, which could allow unauthenticated attackers to upload arbitrary files such as PHP on the server

Ссылки

EPSS

Процентиль: 66%

0.00504

Низкий

7.5 High

CVSS3

CVE ID

Связанные уязвимости

CVE-2023-6585

CVSS3: 7.5

nvd

почти 2 года назад

The WP JobSearch WordPress plugin before 2.3.4 does not validate files to be uploaded, which could allow unauthenticated attackers to upload arbitrary files such as PHP on the server

EPSS

Процентиль: 66%

0.00504

Низкий

7.5 High

CVSS3

CVE ID