4 matches found
Form-Maker < 1.15.20 - Unauthenticated Arbitrary File Upload
The plugin does not validate signatures when creating them on the server from user input, allowing unauthenticated users to create arbitrary files and lead to RCE. id: CVE-2023-4666 info: name: Form-Maker 1.15.20 - Unauthenticated Arbitrary File Upload author: pussycat0x severity: critical...
CVE-2023-4666
creationtimestamp| type| source ---|---|--- 2023-10-17 00:32:14+00:00| seen| https://t.me/cibsecurity/72347 2025-01-31 21:40:22+00:00| seen| Telegram/KQt3AsBMUv9rm4uNMEtvLFjsfOosJKxmDQL0jQWpInK2LtGCng 2025-04-07 11:02:22+00:00| published-proof-of-concept| https://t.me/Idi0tSecMarket/21 2025-09-24...
CVE-2023-4666 Form-Maker < 1.15.20 - Unauthenticated Arbitrary File Upload
The Form Maker by 10Web WordPress plugin before 1.15.20 does not validate signatures when creating them on the server from user input, allowing unauthenticated users to create arbitrary files and lead to RCE...
CVE-2023-4666
CVE-2023-4666 affects the Form Maker by 10Web WordPress plugin (before 1.15.20). The vulnerability arises because the plugin does not validate signatures when creating them on the server from user input, allowing unauthenticated users to upload arbitrary files and potentially achieve remote code ...