Exploit for CVE-2023-2877

CVE-2023-2877 Formidable Forms 6.3.1 - Subscriber+ Remote...

CVE-2022-4060

The User Post Gallery WordPress plugin through 2.19 does not limit what callback functions can be called by users, making it possible to any visitors to run code on sites running it...

CVE-2022-4060 User Post Gallery <= 2.19 - Unauthenticated RCE

The User Post Gallery WordPress plugin through 2.19 does not limit what callback functions can be called by users, making it possible to any visitors to run code on sites running it...

CVE-2022-4060

CVE-2022-4060 affects WordPress plugin “User Post Gallery” up to version 2.19. The Nuclei template and multiple sources describe a remote code execution vulnerability caused by the plugin not restricting which callbacks can be invoked by users, enabling unauthenticated attackers to run arbitrary ...

CVE-2022-4060 User Post Gallery <= 2.19 - Unauthenticated RCE

The User Post Gallery WordPress plugin through 2.19 does not limit what callback functions can be called by users, making it possible to any visitors to run code on sites running it...

PT-2023-7904 · WordPress · User Post Gallery

Name of the Vulnerable Software and Affected Versions: User Post Gallery WordPress plugin versions 2.19 and earlier Description: The issue is related to insufficient authorization procedure in the User Post Gallery WordPress plugin, allowing remote attackers to execute arbitrary code. This is...

WordPress plugin User Post Gallery 代码注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. WordPress plugin User Post Gallery 2.19 and...

WordPress plugin User Post Gallery 命令注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A command injection vulnerability...

PT-2023-15965 · WordPress · The User Post Gallery - Upg

Name of the Vulnerable Software and Affected Versions: The User Post Gallery - UPG plugin for WordPress versions up to, and including 2.19 Description: The issue allows for authorization bypass, leading to remote command execution due to the use of a nopriv AJAX action and user-supplied function...

VulnCheck KEV: CVE-2022-4060

The User Post Gallery WordPress plugin through 2.19 does not limit what callback functions can be called by users, making it possible to any visitors to run code on sites running it...

User Post Gallery <= 2.19 - Unauthenticated RCE

The plugin does not limit what callback functions can be called by users, making it possible to any visitors to run code on sites running it. PoC Invoke the following curl command to execute the "id" command via PHP's exec function: curl -i...