4 matches found
CVE-2023-5601
The WooCommerce Ninja Forms Product Add-ons WordPress plugin before 1.7.1 does not validate the file to be uploaded, allowing any unauthenticated users to upload arbitrary files to the server, leading to RCE...
CVE-2023-5601
CVE-2023-5601 affects the WooCommerce Ninja Forms Product Add-ons plugin for WordPress (versions
CVE-2023-5601 WooCommerce Ninja Forms Product Add-ons < 1.7.1 - Unauthenticated Arbitrary File Upload
The WooCommerce Ninja Forms Product Add-ons WordPress plugin before 1.7.1 does not validate the file to be uploaded, allowing any unauthenticated users to upload arbitrary files to the server, leading to RCE...
WordPress WooCommerce Ninja Forms Product Add-ons Plugin <= 1.7.0 is vulnerable to Arbitrary File Upload
Software WooCommerce Ninja Forms Product Add-ons Type Plugin Vulnerable versions = 1.7.0 Fixed in 1.7.1 OWASP Top 10 A1: Injection Classification Arbitrary File Upload CVE CVE-2023-5601 Patch priority High CVSS severity High 10 Developer Claim ownership PSID 2bbb91735283 Credits Alexander Concha...