3 matches found
CVE-2023-6635
creationtimestamp| type| source ---|---|--- 2024-02-29 10:26:08+00:00| seen| https://t.me/ctinow/196465...
WordPress Gutenberg Block Editor Toolkit Plugin <= 1.40.3 is vulnerable to Arbitrary File Upload
Software Gutenberg Block Editor Toolkit Type Plugin Vulnerable versions = 1.40.3 Fixed in 1.40.4 OWASP Top 10 A1: Injection Classification Arbitrary File Upload CVE CVE-2023-6635 Patch priority Low CVSS severity Low 7.2 Developer Claim ownership PSID d39ac6b70847 Credits István Márton Required...
CVE-2023-6635
The CVE-2023-6635 entry concerns the WordPress EditorsKit plugin. Affected component: the import_styles function. Root cause: missing file type validation allows an authenticated administrator to upload arbitrary files to the site server, potentially enabling remote code execution. Affected versi...