Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 2:6 a.m.12 views

CVE-2023-6827

The Essential Real Estate plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient file type validation on the 'ajaxUploadFonts' function in versions up to, and including, 4.3.5. This makes it possible for authenticated attackers with subscriber-level capabilities or above...

8.8CVSS7.9AI score0.01265EPSS
Exploits0References1
Cvelist
Cvelist
added 2023/12/15 7:30 a.m.28 views

CVE-2023-6827 Essential Real Estate <= 4.3.5 - Authenticated (Subscriber+) Arbitrary File Upload

The Essential Real Estate plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient file type validation on the 'ajaxUploadFonts' function in versions up to, and including, 4.3.5. This makes it possible for authenticated attackers with subscriber-level capabilities or above...

7.5CVSS9AI score0.01265EPSS
Exploits0References3
CVE
CVE
added 2023/12/15 7:30 a.m.64 views

CVE-2023-6827

The CVE concerns the WordPress plugin Essential Real Estate (

8.8CVSS7.8AI score0.01265EPSS
Exploits0References3Affected Software1
Patchstack
Patchstack
added 2023/12/15 12:0 a.m.30 views

WordPress Essential Real Estate Plugin <= 4.3.5 is vulnerable to Arbitrary File Upload

Software Essential Real Estate Type Plugin Vulnerable versions = 4.3.5 Fixed in 4.4.0 OWASP Top 10 A1: Injection Classification Arbitrary File Upload CVE CVE-2023-6827 Patch priority High CVSS severity High 9.9 Developer Claim ownership PSID 4162eb3df384 Credits István Márton Required privilege...

8.8CVSS6.8AI score0.01265EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder