4 matches found
CVE-2023-7082
creationtimestamp| type| source ---|---|--- 2024-01-22 21:31:31+00:00| seen| https://t.me/ctinow/171448 2024-01-26 23:16:34+00:00| seen| https://t.me/ctinow/174532 2024-02-16 10:41:33+00:00| seen| https://t.me/ctinow/186245...
CVE-2023-7082
CVE-2023-7082 corresponds to a WordPress WP All Import plugin vulnerability. WP All Import < 3.7.3 allows admin users to upload zip files and automatically extracts them into a publicly accessible directory without proper validation of the extracted file types, enabling an administrator to pla...
CVE-2023-7082 WP All Import < 3.7.3 - Admin+ Arbitrary File Upload to RCE
The Import any XML or CSV File to WordPress plugin before 3.7.3 accepts all zip files and automatically extracts the zip file into a publicly accessible directory without sufficiently validating the extracted file type. This may allows high privilege users such as administrator to upload an...
CVE-2023-7082 WP All Import < 3.7.3 - Admin+ Arbitrary File Upload to RCE
The Import any XML or CSV File to WordPress plugin before 3.7.3 accepts all zip files and automatically extracts the zip file into a publicly accessible directory without sufficiently validating the extracted file type. This may allows high privilege users such as administrator to upload an...