CVE-2023-6090

Опубликовано: 29 фев. 2024

Источник: nvd

CVSS3: 9.1

CVSS3: 7.2

EPSS Низкий

Описание

Unrestricted Upload of File with Dangerous Type vulnerability in Mollie Mollie Payments for WooCommerce.This issue affects Mollie Payments for WooCommerce: from n/a through 7.3.11.

Ссылки

https://patchstack.com/database/vulnerability/mollie-payments-for-woocommerce/wordpress-mollie-payments-for-woocommerce-plugin-7-3-11-arbitrary-file-upload-vulnerability?_s_id=cve
Third Party Advisory
https://patchstack.com/database/vulnerability/mollie-payments-for-woocommerce/wordpress-mollie-payments-for-woocommerce-plugin-7-3-11-arbitrary-file-upload-vulnerability?_s_id=cve
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:mollie:mollie_payments_for_woocommerce:*:*:*:*:*:wordpress:*:*

Версия до 7.3.12 (исключая)

EPSS

Процентиль: 40%

0.00185

Низкий

9.1 Critical

CVSS3

7.2 High

CVSS3

Дефекты

CWE-434

Связанные уязвимости

GHSA-6699-4qcw-gf5x

CVSS3: 9.1

github

почти 2 года назад

Unrestricted Upload of File with Dangerous Type vulnerability in Mollie Mollie Payments for WooCommerce.This issue affects Mollie Payments for WooCommerce: from n/a through 7.3.11.

EPSS

Процентиль: 40%

0.00185

Низкий

9.1 Critical

CVSS3

7.2 High

CVSS3

Дефекты

CWE-434