3 matches found
CVE-2023-4142
creationtimestamp| type| source ---|---|--- 2023-08-04 07:45:36+00:00| seen| Telegram/j6Jxn-QawNvdupY3wHUvEEM511yZJfE1SwO-u04tJ4io6UQ...
CVE-2023-4142 WP Ultimate CSV Importer <= 7.9.8 - Authenticated (Author+) Remote Code Execution
The WP Ultimate CSV Importer plugin for WordPress is vulnerable to Remote Code Execution in versions up to, and including, 7.9.8 via the '-cus1' parameter. This allows authenticated attackers with author-level permissions or above, if the administrator previously grants access in the plugin...
WordPress WP Ultimate CSV Importer Plugin <= 7.9.8 is vulnerable to Remote Code Execution (RCE)
Software WP Ultimate CSV Importer Type Plugin Vulnerable versions = 7.9.8 Fixed in 7.9.9 OWASP Top 10 A1: Injection Classification Remote Code Execution RCE CVE CVE-2023-4142 Patch priority Medium CVSS severity Medium 8 Developer Claim ownership PSID a395389d1982 Credits István Márton Required...