Lucene search
K

7 matches found

OpenVAS
OpenVAS
added 2023/08/01 12:0 a.m.10 views

WordPress Enable Media Replace Plugin < 4.0.2 Arbitrary File Upload Vulnerability

The WordPress plugin SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:shortpixel:enablemediareplace"; if description...

8.8CVSS8.8AI score0.01096EPSS
Exploits2References1
OSV
OSV
added 2023/02/13 3:15 p.m.3 views

CVE-2023-0255

The Enable Media Replace WordPress plugin before 4.0.2 does not prevent authors from uploading arbitrary files to the site, which may allow them to upload PHP shells on affected sites...

8.8CVSS5.9AI score0.01096EPSS
Exploits2References1
NVD
NVD
added 2023/02/13 3:15 p.m.35 views

CVE-2023-0255

The Enable Media Replace WordPress plugin before 4.0.2 does not prevent authors from uploading arbitrary files to the site, which may allow them to upload PHP shells on affected sites...

8.8CVSS8.8AI score0.01096EPSS
Exploits2References1
CVE
CVE
added 2023/02/13 2:32 p.m.106 views

CVE-2023-0255

The CVE-2023-0255 entry concerns the WordPress plugin Enable Media Replace, prior to version 4.0.2. The vulnerability allows authors to upload arbitrary files to the site via the plugin, which may lead to PHP shells being uploaded on affected installations. The underlying issue is an inadequate v...

8.8CVSS8.8AI score0.01096EPSS
Exploits2References1Affected Software1
Vulnrichment
Vulnrichment
added 2023/02/13 2:32 p.m.5 views

CVE-2023-0255 Enable Media Replace < 4.0.2 - Author+ Arbitrary File Upload

The Enable Media Replace WordPress plugin before 4.0.2 does not prevent authors from uploading arbitrary files to the site, which may allow them to upload PHP shells on affected sites...

8.8AI score0.01096EPSS
Exploits2References1
Cvelist
Cvelist
added 2023/02/13 2:32 p.m.39 views

CVE-2023-0255 Enable Media Replace < 4.0.2 - Author+ Arbitrary File Upload

The Enable Media Replace WordPress plugin before 4.0.2 does not prevent authors from uploading arbitrary files to the site, which may allow them to upload PHP shells on affected sites...

9AI score0.01096EPSS
Exploits2References1
Patchstack
Patchstack
added 2023/01/18 12:0 a.m.22 views

WordPress Enable Media Replace Plugin < 4.0.2 is vulnerable to Arbitrary File Upload

Software Enable Media Replace Type Plugin Vulnerable versions 4.0.2 Fixed in 4.0.2 OWASP Top 10 A1: Injection Classification Arbitrary File Upload CVE CVE-2023-0255 Patch priority High CVSS severity High 9.1 Developer ShortPixel PSID 1a8eac52cb81 Credits dc11 Required privilege Author Published 1...

8.8CVSS6.8AI score0.01096EPSS
Exploits2References3Affected Software1
Rows per page
Query Builder