Lucene search
K

4 matches found

Patchstack
Patchstack
added 2023/04/11 12:0 a.m.19 views

WordPress JetEngine Plugin < 3.1.3.1 is vulnerable to Remote Code Execution (RCE)

Software JetEngine Type Plugin Vulnerable versions 3.1.3.1 Fixed in 3.1.3.1 OWASP Top 10 A1: Injection Classification Remote Code Execution RCE CVE CVE-2023-1406 Patch priority High CVSS severity High 9.1 Developer Crocoblock PSID a91fe4278b33 Credits R3zk0n Required privilege Author Published 11...

8.8CVSS7.2AI score0.01519EPSS
Exploits2References3Affected Software1
Cvelist
Cvelist
added 2023/04/10 1:17 p.m.49 views

CVE-2023-1406 JetEngine < 3.1.3.1 - Author+ Remote Code Execution

The JetEngine WordPress plugin before 3.1.3.1 includes uploaded files without adequately ensuring that they are not executable, leading to a remote code execution vulnerability...

9.2AI score0.01519EPSS
Exploits2References1
Vulnrichment
Vulnrichment
added 2023/04/10 1:17 p.m.8 views

CVE-2023-1406 JetEngine < 3.1.3.1 - Author+ Remote Code Execution

The JetEngine WordPress plugin before 3.1.3.1 includes uploaded files without adequately ensuring that they are not executable, leading to a remote code execution vulnerability...

9AI score0.01519EPSS
Exploits2References1
CVE
CVE
added 2023/04/10 1:17 p.m.252 views

CVE-2023-1406

CVE-2023-1406 affects the JetEngine WordPress plugin prior to 3.1.3.1. The vulnerability arises from uploading files without sufficient checks to prevent executable content, enabling remote code execution. A fix is available: upgrade to JetEngine 3.1.3.1 or later. If upgrading is not possible, ap...

8.8CVSS9AI score0.01519EPSS
Exploits2References1Affected Software1
Rows per page
Query Builder