Lucene search
K

4 matches found

Patchstack
Patchstack
added 2023/11/07 12:0 a.m.21 views

WordPress Awesome Support Plugin < 6.1.5 is vulnerable to Arbitrary File Deletion

Software Awesome Support Type Plugin Vulnerable versions 6.1.5 Fixed in 6.1.5 OWASP Top 10 A5: Security Misconfiguration Classification Arbitrary File Deletion CVE CVE-2023-5355 Patch priority Medium CVSS severity Medium 7.7 Developer Claim ownership PSID b2eca27b2e54 Credits Alex Sanford Require...

8.1CVSS6.8AI score0.0066EPSS
Exploits2References4Affected Software1
OSV
OSV
added 2023/11/06 9:15 p.m.4 views

CVE-2023-5355

The Awesome Support WordPress plugin before 6.1.5 does not sanitize file paths when deleting temporary attachment files, allowing a ticket submitter to delete arbitrary files on the server...

8.1CVSS5.9AI score0.0066EPSS
Exploits2References1
Cvelist
Cvelist
added 2023/11/06 8:41 p.m.22 views

CVE-2023-5355 Awesome Support < 6.1.5 - Submitter+ Arbitrary File Deletion

The Awesome Support WordPress plugin before 6.1.5 does not sanitize file paths when deleting temporary attachment files, allowing a ticket submitter to delete arbitrary files on the server...

8.2AI score0.0066EPSS
Exploits2References1
CVE
CVE
added 2023/11/06 8:41 p.m.65 views

CVE-2023-5355

CVE-2023-5355 affects the WordPress plugin Awesome Support (versions before 6.1.5). The vulnerability arises when deleting temporary attachment files, where file path sanitization is insufficient, allowing a ticket submitter (low privileges) to delete arbitrary server files. CVSS v3.1 reflects 8....

8.1CVSS8.1AI score0.0066EPSS
Exploits2References1Affected Software1
Rows per page
Query Builder