exploitDog

CVE-2023-6585

Опубликовано: 27 фев. 2024

Источник: nvd

CVSS3: 7.5

EPSS Низкий

Описание

The WP JobSearch WordPress plugin before 2.3.4 does not validate files to be uploaded, which could allow unauthenticated attackers to upload arbitrary files such as PHP on the server

Ссылки

https://wpscan.com/vulnerability/757412f4-e4f8-4007-8e3b-639a72b33180/
Exploit
Third Party Advisory
https://wpscan.com/vulnerability/757412f4-e4f8-4007-8e3b-639a72b33180/
Exploit
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:eyecix:jobsearch_wp_job_board:*:*:*:*:*:wordpress:*:*

Версия до 2.3.4 (исключая)

EPSS

Процентиль: 66%

0.00504

Низкий

7.5 High

CVSS3

Дефекты

NVD-CWE-noinfo

Связанные уязвимости

GHSA-q25f-2gjj-7ppp

CVSS3: 7.5

github

почти 2 года назад

The WP JobSearch WordPress plugin before 2.3.4 does not validate files to be uploaded, which could allow unauthenticated attackers to upload arbitrary files such as PHP on the server

EPSS

Процентиль: 66%

0.00504

Низкий

7.5 High

CVSS3

Дефекты

NVD-CWE-noinfo