4 matches found
CVE-2023-5673
The WP Mail Log WordPress plugin before 1.1.3 does not properly validate file extensions uploading files to attach to emails, allowing attackers to upload PHP files, leading to remote code execution...
CVE-2023-5673
The WP Mail Log WordPress plugin before 1.1.3 does not properly validate file extensions uploading files to attach to emails, allowing attackers to upload PHP files, leading to remote code execution...
CVE-2023-5673 WP Mail Log < 1.1.3 – Contributor+ Arbitrary File Upload to RCE
The WP Mail Log WordPress plugin before 1.1.3 does not properly validate file extensions uploading files to attach to emails, allowing attackers to upload PHP files, leading to remote code execution...
CVE-2023-5673
The CVE-2023-5673 entry concerns the WP Mail Log WordPress plugin (versions before 1.1.3). The vulnerability is due to improper validation of file extensions when uploading attachments to emails, enabling PHP file uploads that can lead to remote code execution. Affected component: the upload hand...