Lucene search
K

4 matches found

NVD
NVD
added 2023/10/30 2:15 p.m.24 views

CVE-2023-5199

The PHP to Page plugin for WordPress is vulnerable Local File Inclusion to Remote Code Execution in versions up to, and including, 0.3 via the 'php-to-page' shortcode. This allows authenticated attackers with subscriber-level permissions or above, to include local file and potentially execute cod...

9.9CVSS9.8AI score0.01383EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2023/10/30 1:48 p.m.7 views

CVE-2023-5199 PHP to Page <= 0.3 - Authenticated (Subscriber+) Local File Inclusion to Remote Code Execution via Shortcode

The PHP to Page plugin for WordPress is vulnerable Local File Inclusion to Remote Code Execution in versions up to, and including, 0.3 via the 'php-to-page' shortcode. This allows authenticated attackers with subscriber-level permissions or above, to include local file and potentially execute cod...

9.9CVSS7.9AI score0.01383EPSS
Exploits1References2
CVE
CVE
added 2023/10/30 1:48 p.m.86 views

CVE-2023-5199

CVE-2023-5199 corresponds to the PHP to Page WordPress plugin vulnerability: Local File Inclusion enabling Remote Code Execution via the php-to-page shortcode. Affected: PHP to Page plugin versions

9.9CVSS9.4AI score0.01383EPSS
Exploits1References2Affected Software1
Patchstack
Patchstack
added 2023/10/29 12:0 a.m.10 views

WordPress PHP to Page Plugin <= 0.3 is vulnerable to Remote Code Execution (RCE)

Software PHP to Page Type Plugin Vulnerable versions = 0.3 Fixed in N/A OWASP Top 10 A1: Injection Classification Remote Code Execution RCE CVE CVE-2023-5199 Patch priority Medium CVSS severity Medium 9.9 Developer Claim ownership PSID fd52cb970119 Credits István Márton Required privilege...

9.9CVSS7.2AI score0.01383EPSS
Exploits1References2Affected Software1
Rows per page
Query Builder