CVE-2023-5355

creationtimestamp| type| source ---|---|--- 2023-11-07 00:31:59+00:00| seen| https://t.me/cibsecurity/73657 2025-03-24 18:23:02+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/8494...

WordPress Awesome Support Plugin < 6.1.5 is vulnerable to Arbitrary File Deletion

Software Awesome Support Type Plugin Vulnerable versions 6.1.5 Fixed in 6.1.5 OWASP Top 10 A5: Security Misconfiguration Classification Arbitrary File Deletion CVE CVE-2023-5355 Patch priority Medium CVSS severity Medium 7.7 Developer Claim ownership PSID b2eca27b2e54 Credits Alex Sanford Require...

CVE-2023-5355

The Awesome Support WordPress plugin before 6.1.5 does not sanitize file paths when deleting temporary attachment files, allowing a ticket submitter to delete arbitrary files on the server...

CVE-2023-5355

CVE-2023-5355 affects the WordPress plugin Awesome Support (versions before 6.1.5). The vulnerability arises when deleting temporary attachment files, where file path sanitization is insufficient, allowing a ticket submitter (low privileges) to delete arbitrary server files. CVSS v3.1 reflects 8....

CVE-2023-5355 Awesome Support < 6.1.5 - Submitter+ Arbitrary File Deletion

The Awesome Support WordPress plugin before 6.1.5 does not sanitize file paths when deleting temporary attachment files, allowing a ticket submitter to delete arbitrary files on the server...