Lucene search
K

4 matches found

Nuclei
Nuclei
added yesterday32 views

Form-Maker < 1.15.20 - Unauthenticated Arbitrary File Upload

The plugin does not validate signatures when creating them on the server from user input, allowing unauthenticated users to create arbitrary files and lead to RCE. id: CVE-2023-4666 info: name: Form-Maker 1.15.20 - Unauthenticated Arbitrary File Upload author: pussycat0x severity: critical...

9.8CVSS7.1AI score0.03283EPSS
Exploits3References1
Circl
Circl
added 2023/10/17 12:32 a.m.10 views

CVE-2023-4666

creationtimestamp| type| source ---|---|--- 2023-10-17 00:32:14+00:00| seen| https://t.me/cibsecurity/72347 2025-01-31 21:40:22+00:00| seen| Telegram/KQt3AsBMUv9rm4uNMEtvLFjsfOosJKxmDQL0jQWpInK2LtGCng 2025-04-07 11:02:22+00:00| published-proof-of-concept| https://t.me/Idi0tSecMarket/21 2025-09-24...

9.8CVSS8.6AI score0.03283EPSS
Exploits3References3
Vulnrichment
Vulnrichment
added 2023/10/16 7:39 p.m.8 views

CVE-2023-4666 Form-Maker < 1.15.20 - Unauthenticated Arbitrary File Upload

The Form Maker by 10Web WordPress plugin before 1.15.20 does not validate signatures when creating them on the server from user input, allowing unauthenticated users to create arbitrary files and lead to RCE...

9.6AI score0.03283EPSS
Exploits3References1
CVE
CVE
added 2023/10/16 7:39 p.m.96 views

CVE-2023-4666

CVE-2023-4666 affects the Form Maker by 10Web WordPress plugin (before 1.15.20). The vulnerability arises because the plugin does not validate signatures when creating them on the server from user input, allowing unauthenticated users to upload arbitrary files and potentially achieve remote code ...

9.8CVSS9.6AI score0.03283EPSS
Exploits3References1Affected Software1
Rows per page
Query Builder