4 matches found
CVE-2023-5601
The WooCommerce Ninja Forms Product Add-ons WordPress plugin before 1.7.1 does not validate the file to be uploaded, allowing any unauthenticated users to upload arbitrary files to the server, leading to RCE...
CVE-2023-5601 WooCommerce Ninja Forms Product Add-ons < 1.7.1 - Unauthenticated Arbitrary File Upload
The WooCommerce Ninja Forms Product Add-ons WordPress plugin before 1.7.1 does not validate the file to be uploaded, allowing any unauthenticated users to upload arbitrary files to the server, leading to RCE...
CVE-2023-5601
CVE-2023-5601 affects the WooCommerce Ninja Forms Product Add-ons plugin for WordPress (versions
WordPress WooCommerce Ninja Forms Product Add-ons Plugin <= 1.7.0 is vulnerable to Arbitrary File Upload
Software WooCommerce Ninja Forms Product Add-ons Type Plugin Vulnerable versions = 1.7.0 Fixed in 1.7.1 OWASP Top 10 A1: Injection Classification Arbitrary File Upload CVE CVE-2023-5601 Patch priority High CVSS severity High 10 Developer Claim ownership PSID 2bbb91735283 Credits Alexander Concha...