Lucene search
K

4 matches found

Vulnrichment
Vulnrichment
added 2023/10/30 1:48 p.m.10 views

CVE-2023-5250 Grid Plus <= 1.3.3 - Authenticated (Subscriber+) Local File Inclusion via Shortcode

The Grid Plus plugin for WordPress is vulnerable to Local File Inclusion in versions up to, and including, 1.3.3 via a shortcode attribute. This allows subscriber-level, and above, attackers to include and execute arbitrary files on the server, allowing the execution of any PHP code in those file...

8.8CVSS7.8AI score0.01107EPSS
Exploits0References3
CVE
CVE
added 2023/10/30 1:48 p.m.59 views

CVE-2023-5250

CVE-2023-5250 affects Grid Plus WordPress plugin up to version 1.3.2, with Local File Inclusion via a shortcode attribute. This allows subscriber-level and higher attackers to include and execute PHP code from server files (limited to .php files), potentially bypassing access controls or enabling...

8.8CVSS7.8AI score0.01107EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2023/10/30 1:48 p.m.26 views

CVE-2023-5250 Grid Plus <= 1.3.3 - Authenticated (Subscriber+) Local File Inclusion via Shortcode

The Grid Plus plugin for WordPress is vulnerable to Local File Inclusion in versions up to, and including, 1.3.3 via a shortcode attribute. This allows subscriber-level, and above, attackers to include and execute arbitrary files on the server, allowing the execution of any PHP code in those file...

8.8CVSS9.1AI score0.01107EPSS
Exploits0References3
Patchstack
Patchstack
added 2023/10/29 12:0 a.m.10 views

WordPress Grid Plus Plugin <= 1.3.3 is vulnerable to Local File Inclusion

Software Grid Plus Type Plugin Vulnerable versions = 1.3.3 Fixed in 1.3.4 OWASP Top 10 A1: Injection Classification Local File Inclusion CVE CVE-2023-5250 Patch priority Low CVSS severity Low 6.4 Developer Claim ownership PSID a64dc6db3b2e Credits István Márton Required privilege Subscriber...

8.8CVSS6.8AI score0.01107EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder