2 matches found
CVE-2023-5860
CVE-2023-5860 refers to the Icons Font Loader WordPress plugin vulnerable to arbitrary file uploads due to missing file type validation in the upload function, affecting versions up to and including 1.1.2. The issue requires authenticated access at administrator level or higher, enabling an attac...
WordPress Icons Font Loader Plugin <= 1.1.2 is vulnerable to Arbitrary File Upload
Software Icons Font Loader Type Plugin Vulnerable versions = 1.1.2 Fixed in 1.1.3 OWASP Top 10 A1: Injection Classification Arbitrary File Upload CVE CVE-2023-5860 Patch priority Low CVSS severity Low 7.2 Developer Claim ownership PSID e7c1b6cac566 Credits Alex Thomas Required privilege...