exploitDog

CVE-2024-5630

Опубликовано: 15 июл. 2024

Источник: nvd

CVSS3: 8.8

EPSS Низкий

Описание

The Insert or Embed Articulate Content into WordPress plugin before 4.3000000024 does not prevent authors from uploading arbitrary files to the site, which may allow them to upload PHP shells on affected sites.

Ссылки

https://wpscan.com/vulnerability/538c875f-4c20-4be0-8098-5bddb7aecff4/
Exploit
Third Party Advisory
https://wpscan.com/vulnerability/538c875f-4c20-4be0-8098-5bddb7aecff4/
Exploit
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:elearningfreak:insert_or_embed_articulate_content:*:*:*:*:*:wordpress:*:*

Версия до 4.3000000024 (исключая)

EPSS

Процентиль: 78%

0.0113

Низкий

8.8 High

CVSS3

Дефекты

CWE-434

Связанные уязвимости

GHSA-5m9v-g6cg-987g

CVSS3: 8.8

github

больше 1 года назад

The Insert or Embed Articulate Content into WordPress plugin before 4.3000000024 does not prevent authors from uploading arbitrary files to the site, which may allow them to upload PHP shells on affected sites.

EPSS

Процентиль: 78%

0.0113

Низкий

8.8 High

CVSS3

Дефекты

CWE-434