Lucene search
K

6 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 5:7 a.m.8 views

CVE-2023-5957

The Ni Purchase OrderPO For WooCommerce WordPress plugin through 1.2.1 does not validate logo and signature image files uploaded in the settings, allowing high privileged user to upload arbitrary files to the web server, triggering an RCE vulnerability by uploading a web shell...

7.2CVSS6.8AI score0.00876EPSS
Exploits2References1
Circl
Circl
added 2024/01/08 8:27 p.m.5 views

CVE-2023-5957

creationtimestamp| type| source ---|---|--- 2024-01-08 20:27:01+00:00| seen| https://t.me/ctinow/164603 2024-01-25 14:42:01+00:00| seen| https://t.me/ctinow/173472 2025-06-18 16:43:43+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/18792...

7.2CVSS7AI score0.00876EPSS
Exploits2References3
NVD
NVD
added 2024/01/08 7:15 p.m.12 views

CVE-2023-5957

The Ni Purchase OrderPO For WooCommerce WordPress plugin through 1.2.1 does not validate logo and signature image files uploaded in the settings, allowing high privileged user to upload arbitrary files to the web server, triggering an RCE vulnerability by uploading a web shell...

7.2CVSS6.9AI score0.00876EPSS
Exploits2References1
Vulnrichment
Vulnrichment
added 2024/01/08 7:0 p.m.5 views

CVE-2023-5957 Ni Purchase Order(PO) For WooCommerce <= 1.2.1 - Admin+ File Upload to Remote Code Execution

The Ni Purchase OrderPO For WooCommerce WordPress plugin through 1.2.1 does not validate logo and signature image files uploaded in the settings, allowing high privileged user to upload arbitrary files to the web server, triggering an RCE vulnerability by uploading a web shell...

7AI score0.00876EPSS
Exploits2References1
CVE
CVE
added 2024/01/08 7:0 p.m.59 views

CVE-2023-5957

CVE-2023-5957 affects the Ni Purchase Order (PO) for WooCommerce WordPress plugin up to version 1.2.1. The vulnerability arises because the plugin does not validate logo and signature image files uploaded in the settings, allowing a high-privilege user to upload arbitrary files to the web server ...

7.2CVSS6.8AI score0.00876EPSS
Exploits2References1Affected Software1
Cvelist
Cvelist
added 2024/01/08 7:0 p.m.16 views

CVE-2023-5957 Ni Purchase Order(PO) For WooCommerce <= 1.2.1 - Admin+ File Upload to Remote Code Execution

The Ni Purchase OrderPO For WooCommerce WordPress plugin through 1.2.1 does not validate logo and signature image files uploaded in the settings, allowing high privileged user to upload arbitrary files to the web server, triggering an RCE vulnerability by uploading a web shell...

7AI score0.00876EPSS
Exploits2References1
Rows per page
Query Builder