Lucene search
K

5 matches found

NVD
NVD
added 2023/06/27 2:15 p.m.23 views

CVE-2023-2996

The Jetpack WordPress plugin before 12.1.1 does not validate uploaded files, allowing users with author roles or above to manipulate existing files on the site, deleting arbitrary files, and in rare cases achieve Remote Code Execution via phar deserialization...

8.8CVSS9AI score0.04824EPSS
Exploits2References2
Vulnrichment
Vulnrichment
added 2023/06/27 1:17 p.m.15 views

CVE-2023-2996 Jetpack < 12.1.1 - Author+ Arbitrary File Manipulation via API

The Jetpack WordPress plugin before 12.1.1 does not validate uploaded files, allowing users with author roles or above to manipulate existing files on the site, deleting arbitrary files, and in rare cases achieve Remote Code Execution via phar deserialization...

7.5AI score0.04824EPSS
Exploits2References2
Cvelist
Cvelist
added 2023/06/27 1:17 p.m.33 views

CVE-2023-2996 Jetpack < 12.1.1 - Author+ Arbitrary File Manipulation via API

The Jetpack WordPress plugin before 12.1.1 does not validate uploaded files, allowing users with author roles or above to manipulate existing files on the site, deleting arbitrary files, and in rare cases achieve Remote Code Execution via phar deserialization...

9.2AI score0.04824EPSS
Exploits2References2
CVE
CVE
added 2023/06/27 1:17 p.m.230 views

CVE-2023-2996

Jetpack WordPress plugin (versions prior to 12.1.1) is affected by a vulnerability where uploaded files are not validated. This allows users with author roles or higher to manipulate existing files, delete arbitrary files, and in rare cases achieve Remote Code Execution via phar deserialization. ...

8.8CVSS9AI score0.04824EPSS
Exploits2References2Affected Software1
OpenVAS
OpenVAS
added 2023/06/02 12:0 a.m.16 views

WordPress JetPack Plugin Arbitrary File Manipulation Vulnerability (CVE-2023-2996)

The WordPress plugin SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:automattic:jetpack"; if description...

8.8CVSS7AI score0.04824EPSS
Exploits2References2
Rows per page
Query Builder