Lucene search
WPScanVULNRICHMENT:CVE-2023-6140HistoryJan 08, 2024 - 7:00 p.m.
CVE-2023-6140 Essential Real Estate < 4.4 - Subscriber+ Arbitrary File Upload
2024-01-0819:00:36
WPScan
github.com
real estate
wordpress
plugin
vulnerability
arbitrary file upload
limited privileges
remote code execution
The Essential Real Estate WordPress plugin before 4.4.0 does not prevent users with limited privileges on the site, like subscribers, from momentarily uploading malicious PHP files disguised as ZIP archives, which may lead to remote code execution.
Related
prion
prion
Remote code execution
2024-01-08 19:15:00
nvd
nvd
CVE-2023-6140
2024-01-08 19:15:10
cve
cve
CVE-2023-6140
2024-01-08 19:15:10
wpvulndb
wpvulndb
Essential Real Estate < 4.4.0 - Subscriber+ Arbitrary File Upload
2023-12-18 00:00:00
cvelist
cvelist
wpexploit
wpexploit
Essential Real Estate < 4.4.0 - Subscriber+ Arbitrary File Upload
2023-12-18 00:00:00
AI Score
8
Confidence
Low
SSVC
Exploitation
poc
Automatable
no
Technical Impact
total
Related for VULNRICHMENT:CVE-2023-6140