4 matches found
Exploit for CVE-2023-4596
CVE-2023-4596 !made-with-Pythonhttps://img.shields.io/bad...
CVE-2023-4596 Forminator <= 1.24.6 - Unauthenticated Arbitrary File Upload
The Forminator plugin for WordPress is vulnerable to arbitrary file uploads due to file type validation occurring after a file has been uploaded to the server in the uploadpostimage function in versions up to, and including, 1.24.6. This makes it possible for unauthenticated attackers to upload...
CVE-2023-4596
CVE-2023-4596 — WordPress Forminator plugin Arbitrary File Upload Affected software: WordPress Forminator plugin (all environments using WordPress) up to version 1.24.6. Root cause: Vulnerability arises from file type validation occurring after a file has been uploaded in upload_post_image(), ena...
WordPress Forminator Plugin <= 1.24.6 is vulnerable to Arbitrary File Upload
Software Forminator Type Plugin Vulnerable versions = 1.24.6 Fixed in 1.25.0 OWASP Top 10 A1: Injection Classification Arbitrary File Upload CVE CVE-2023-4596 Patch priority High CVSS severity High 9.8 Developer WPMU DEV PSID c13bf0eea10b Credits mehmet Required privilege Unauthenticated Publishe...