Lucene search
K

5 matches found

NVD
NVD
added 2023/03/13 5:15 p.m.26 views

CVE-2023-0477

The Auto Featured Image Auto Post Thumbnail WordPress plugin before 3.9.16 includes an AJAX endpoint that allows any user with at least Author privileges to upload arbitrary files, such as PHP files. This is caused by incorrect file extension validation...

8.8CVSS8.8AI score0.01645EPSS
Exploits1References1
CVE
CVE
added 2023/03/13 4:3 p.m.56 views

CVE-2023-0477

CVE-2023-0477 affects the WordPress plugin Auto Featured Image (Auto Post Thumbnail)

8.8CVSS8.9AI score0.01645EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2023/03/13 4:3 p.m.33 views

CVE-2023-0477 Auto Featured Image < 3.9.16 - Author+ Arbitrary File Upload

The Auto Featured Image Auto Post Thumbnail WordPress plugin before 3.9.16 includes an AJAX endpoint that allows any user with at least Author privileges to upload arbitrary files, such as PHP files. This is caused by incorrect file extension validation...

9AI score0.01645EPSS
Exploits1References1
Patchstack
Patchstack
added 2023/03/03 12:0 a.m.17 views

WordPress Auto Featured Image (Auto Post Thumbnail) Plugin < 3.9.16 is vulnerable to Arbitrary File Upload

Software Auto Featured Image Auto Post Thumbnail Type Plugin Vulnerable versions 3.9.16 Fixed in 3.9.16 OWASP Top 10 A1: Injection Classification Arbitrary File Upload CVE CVE-2023-0477 Patch priority High CVSS severity High 9.1 Developer Claim ownership PSID ad8cfc8bf738 Credits dc11 Required...

8.8CVSS7.2AI score0.01645EPSS
Exploits1References3Affected Software1
Wordfence Blog
Wordfence Blog
added 2023/02/16 3:21 p.m.165 views

Wordfence Intelligence CE Weekly Vulnerability Report (Feb 6, 2023 to Feb 12, 2023)

In case you missed it, Wordfence has curated an industry leading vulnerability database with all known WordPress core, theme, and plugin vulnerabilities known as Wordfence Intelligence Community Edition. This database is continuously updated, maintained, and populated by Wordfences highly...

0.24263EPSS
Exploits17
Rows per page
Query Builder