CVE-2023-1406
CVE-2023-1406 affects the JetEngine WordPress plugin prior to 3.1.3.1. The vulnerability arises from uploading files without sufficient checks to prevent executable content, enabling remote code execution. A fix is available: upgrade to JetEngine 3.1.3.1 or later. If upgrading is not possible, ap...