3 matches found
CVE-2023-45603
CVE-2023-45603 concerns the WordPress plugin User Submitted Posts (Jeff Starr) with an Unrestricted Upload of File with Dangerous Type, enabling unauthenticated users to upload arbitrary files via the usp_attach_images path. Public sources (NVD/Wordfence, Patchstack) identify this as a high-sever...
CVE-2023-45603
creationtimestamp| type| source ---|---|--- 2023-10-15 02:07:21+00:00| published-proof-of-concept| https://t.me/GithubRedTeam/5423 2023-10-15 03:51:21+00:00| published-proof-of-concept| https://t.me/codeb0ss/1245 2023-10-16 12:20:37+00:00| published-proof-of-concept|...
WordPress User Submitted Posts Plugin <= 20230902 is vulnerable to Arbitrary File Upload
Software User Submitted Posts Type Plugin Vulnerable versions = 20230902 Fixed in 20230914 OWASP Top 10 A3: Injection Classification Arbitrary File Upload CVE CVE-2023-45603 Patch priority High CVSS severity High 9 Developer Claim ownership PSID b7d676bf7c95 Credits Rafie Muhammad Patchstack...