exploitDog

CVE-2023-4311

Опубликовано: 18 дек. 2023

Источник: nvd

CVSS3: 8.8

EPSS Низкий

Описание

The Vrm 360 3D Model Viewer WordPress plugin through 1.2.1 is vulnerable to arbitrary file upload due to insufficient checks in a plugin shortcode.

Ссылки

https://wpscan.com/vulnerability/21950116-1a69-4848-9da0-e912096c0fce
Exploit
Third Party Advisory
https://wpscan.com/vulnerability/21950116-1a69-4848-9da0-e912096c0fce
Exploit
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:maurice:vrm360:*:*:*:*:*:wordpress:*:*

Версия до 1.2.1 (включая)

EPSS

Процентиль: 58%

0.00364

Низкий

8.8 High

CVSS3

Дефекты

CWE-434

Связанные уязвимости

GHSA-7x7j-52gx-4h55

CVSS3: 8.8

github

около 2 лет назад

The Vrm 360 3D Model Viewer WordPress plugin through 1.2.1 is vulnerable to arbitrary file upload due to insufficient checks in a plugin shortcode.

EPSS

Процентиль: 58%

0.00364

Низкий

8.8 High

CVSS3

Дефекты

CWE-434