The Enable Media Replace WordPress plugin before 4.0.2 does not prevent authors from uploading arbitrary files to the site, which may allow them to upload PHP shells on affected sites.
References
Link | Resource |
---|---|
https://wpscan.com/vulnerability/b0239208-1e23-4774-9b8c-9611704a07a0 | Exploit Third Party Advisory |
Configurations
Information
Published : 2023-02-13 07:15
Updated : 2023-02-15 08:04
NVD link : CVE-2023-0255
Mitre link : CVE-2023-0255
JSON object : View
CWE
CWE-434
Unrestricted Upload of File with Dangerous Type
Products Affected
shortpixel
- enable_media_replace