Lucene search
K

4 matches found

Circl
Circl
added 2024/01/11 10:26 a.m.6 views

CVE-2023-6558

creationtimestamp| type| source ---|---|--- 2024-01-11 10:26:38+00:00| seen| https://t.me/ctinow/166428...

7.2CVSS7.6AI score0.01366EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/01/11 8:32 a.m.6 views

CVE-2023-6558 Export and Import Users and Customers <= 2.4.8 - Authenticated (Shop Manager+) Arbitrary File Upload

The Export and Import Users and Customers plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient file type validation on the 'uploadimportfile' function in versions up to, and including, 2.4.8. This makes it possible for authenticated attackers with shop manager-level...

7.2CVSS7.8AI score0.01366EPSS
Exploits0References3
CVE
CVE
added 2024/01/11 8:32 a.m.48 views

CVE-2023-6558

CVE-2023-6558 concerns the WordPress plugin “Export and Import Users and Customers”. Affected versions are up to and including 2.4.8, where the function upload_import_file has insufficient file type validation, enabling authenticated users with shop-manager-level access or higher to upload arbitr...

7.2CVSS7.4AI score0.01366EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2023/12/13 12:0 a.m.17 views

WordPress Import Export WordPress Users Plugin <= 2.4.8 is vulnerable to Arbitrary File Upload

Software Import Export WordPress Users Type Plugin Vulnerable versions = 2.4.8 Fixed in 2.4.9 OWASP Top 10 A1: Injection Classification Arbitrary File Upload CVE CVE-2023-6558 Patch priority Medium CVSS severity Medium 9.1 Developer Claim ownership PSID a7515a768629 Credits István Márton Required...

7.2CVSS6.8AI score0.01366EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder