Lucene search

CVE-2023-0477

🗓️ 13 Mar 2023 17:12:15Reported by [email protected]Type

WordPress plugin allows arbitrary file upload via AJAX endpoint

Reporter	Title	Published	Views	Family All 6
Patchstack	WordPress Auto Featured Image (Auto Post Thumbnail) Plugin < 3.9.16 is vulnerable to Arbitrary File Upload	3 Mar 202300:00	–	patchstack
CVE	CVE-2023-0477	13 Mar 202317:15	–	cve
Prion	Input validation	13 Mar 202317:15	–	prion
Vulnrichment	CVE-2023-0477 Auto Featured Image < 3.9.16 - Author+ Arbitrary File Upload	13 Mar 202316:03	–	vulnrichment
Cvelist	CVE-2023-0477 Auto Featured Image < 3.9.16 - Author+ Arbitrary File Upload	13 Mar 202316:03	–	cvelist
Wordfence Blog	Wordfence Intelligence CE Weekly Vulnerability Report (Feb 6, 2023 to Feb 12, 2023)	16 Feb 202315:21	–	wordfence

Nvd

Node

cm-wp auto_featured_imageRange<3.9.16wordpress

Source	Link
wpscan	www.wpscan.com/vulnerability/e5ef74a2-e04a-4a14-bd0e-d6910cd1c4b4

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

13 Mar 2023 17:15Current

8.8High risk

Vulners AI Score8.8

CVSS38.8

EPSS0.00112

CWE-434