exploitDog

CVE-2023-4861

Опубликовано: 16 окт. 2023

Источник: nvd

CVSS3: 7.2

EPSS Низкий

Описание

The File Manager Pro WordPress plugin before 1.8.1 allows admin users to upload arbitrary files, even in environments where such a user should not be able to gain full control of the server, such as a multisite installation. This leads to remote code execution.

Ссылки

https://wpscan.com/vulnerability/7fa03f00-25c7-4e40-8592-bb4001ce019d
Exploit
Third Party Advisory
https://wpscan.com/vulnerability/7fa03f00-25c7-4e40-8592-bb4001ce019d
Exploit
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:ninjateam:filester:*:*:*:*:wordpress:*:*:*

Версия до 1.8.1 (исключая)

EPSS

Процентиль: 88%

0.03718

Низкий

7.2 High

CVSS3

Дефекты

Связанные уязвимости

GHSA-qmv3-76vc-754w

CVSS3: 7.2

github

больше 2 лет назад

The File Manager Pro WordPress plugin before 1.8.1 allows admin users to upload arbitrary files, even in environments where such a user should not be able to gain full control of the server, such as a multisite installation. This leads to remote code execution.

EPSS

Процентиль: 88%

0.03718

Низкий

7.2 High

CVSS3

Дефекты