7 matches found
WordPress Enable Media Replace Plugin < 4.0.2 Arbitrary File Upload Vulnerability
The WordPress plugin SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:shortpixel:enablemediareplace"; if description...
CVE-2023-0255
The Enable Media Replace WordPress plugin before 4.0.2 does not prevent authors from uploading arbitrary files to the site, which may allow them to upload PHP shells on affected sites...
CVE-2023-0255
The Enable Media Replace WordPress plugin before 4.0.2 does not prevent authors from uploading arbitrary files to the site, which may allow them to upload PHP shells on affected sites...
CVE-2023-0255
The CVE-2023-0255 entry concerns the WordPress plugin Enable Media Replace, prior to version 4.0.2. The vulnerability allows authors to upload arbitrary files to the site via the plugin, which may lead to PHP shells being uploaded on affected installations. The underlying issue is an inadequate v...
CVE-2023-0255 Enable Media Replace < 4.0.2 - Author+ Arbitrary File Upload
The Enable Media Replace WordPress plugin before 4.0.2 does not prevent authors from uploading arbitrary files to the site, which may allow them to upload PHP shells on affected sites...
CVE-2023-0255 Enable Media Replace < 4.0.2 - Author+ Arbitrary File Upload
The Enable Media Replace WordPress plugin before 4.0.2 does not prevent authors from uploading arbitrary files to the site, which may allow them to upload PHP shells on affected sites...
WordPress Enable Media Replace Plugin < 4.0.2 is vulnerable to Arbitrary File Upload
Software Enable Media Replace Type Plugin Vulnerable versions 4.0.2 Fixed in 4.0.2 OWASP Top 10 A1: Injection Classification Arbitrary File Upload CVE CVE-2023-0255 Patch priority High CVSS severity High 9.1 Developer ShortPixel PSID 1a8eac52cb81 Credits dc11 Required privilege Author Published 1...