Lucene search
WPScanCVELIST:CVE-2023-5673HistoryDec 26, 2023 - 6:33 p.m.
CVE-2023-5673 WP Mail Log < 1.1.3 – Contributor+ Arbitrary File Upload to RCE
2023-12-2618:33:03
WPScan
www.cve.org
cve-2023-5673
wordpress
mail log
arbitrary file upload
remote code execution
security vulnerability
The WP Mail Log WordPress plugin before 1.1.3 does not properly validate file extensions uploading files to attach to emails, allowing attackers to upload PHP files, leading to remote code execution.
CNA Affected
[
{
"vendor": "Unknown",
"product": "WP Mail Log",
"versions": [
{
"status": "affected",
"versionType": "semver",
"version": "0",
"lessThan": "1.1.3"
}
],
"defaultStatus": "unaffected",
"collectionURL": "https://wordpress.org/plugins"
}
]Related
wpexploit
wpexploit
WP Mail Log < 1.1.3 – Contributor+ Arbitrary File Upload to RCE
2023-11-28 00:00:00
wpvulndb
wpvulndb
WP Mail Log < 1.1.3 – Contributor+ Arbitrary File Upload to RCE
2023-11-28 00:00:00
nvd
nvd
CVE-2023-5673
2023-12-26 19:15:07
cve
cve
CVE-2023-5673
2023-12-26 19:15:07
prion
prion
Remote code execution
2023-12-26 19:15:00