6 matches found
CVE-2023-48777
Unrestricted Upload of File with Dangerous Type vulnerability in Elementor.Com Elementor Website Builder.This issue affects Elementor Website Builder: from 3.3.0 through 3.18.1...
CVE-2023-48777
Unrestricted Upload of File with Dangerous Type vulnerability in Elementor.Com Elementor Website Builder.This issue affects Elementor Website Builder: from 3.3.0 through 3.18.1...
CVE-2023-48777 WordPress Elementor plugin 3.3.0-3.18.1 - Arbitrary File Upload vulnerability
Unrestricted Upload of File with Dangerous Type vulnerability in Elementor.Com Elementor Website Builder.This issue affects Elementor Website Builder: from 3.3.0 through 3.18.1...
CVE-2023-48777
Elementor Website Builder is affected by CVE-2023-48777: Unrestricted file upload to RCE via template import in versions 3.3.0–3.18.1. Exploitation requires Contributor-level access (Authenticated). The root cause involves handle_elementor_upload saving uploaded files to a temporary location befo...
WordPress Elementor 3.18.1 File Upload / Remote Code Execution Vulnerabilities
WordPress Elementor plugin versions 3.18.1 and below are vulnerability to remote code execution via file upload in the template import functionality. Vulnerability Summary from Wordfence Intelligence Description: Elementor = 3.18.1 AuthenticatedContributor+ Arbitrary File Upload to Remote Code...
WordPress Elementor Website Builder Plugin 3.3.0-3.18.1 is vulnerable to Arbitrary File Upload
Software Elementor Website Builder Type Plugin Vulnerable versions 3.3.0-3.18.1 Fixed in 3.18.2 OWASP Top 10 A3: Injection Classification Arbitrary File Upload CVE CVE-2023-48777 Patch priority High CVSS severity High 9.9 Developer Elementor PSID 64baf5c2aab5 Credits Hồng Quân luk6785 at VNPT-VCI...