CVE-2023-28731

AnyMailing Joomla Plugin is vulnerable to unauthenticated remote code execution, when being granted access to the campaign's creation on front-office due to unrestricted file upload allowing PHP code to be injected. This issue affects AnyMailing Joomla Plugin Enterprise in versions below 8.3.0...

PT-2023-21925 · Joomla · Anymailing Joomla Plugin

Name of the Vulnerable Software and Affected Versions: AnyMailing Joomla Plugin Enterprise versions prior to 8.3.0 Description: The issue is related to unauthenticated remote code execution when access to campaign creation is granted on the front-office, due to unrestricted file upload allowing P...