Source |
CVE Liste |
Identifiant |
8403622 |
Date de publication |
2023-10-31 14:15:12 (vue: 2023-10-31 17:07:49) |
Titre |
CVE-2023-5360 |
Texte |
Le plugin Royal Elementor Addons and Templates WordPress avant 1.3.79 ne valide pas correctement les fichiers téléchargés, ce qui pourrait permettre aux utilisateurs non authentifiés de télécharger des fichiers arbitraires, tels que PHP et ACHET RCE.
The Royal Elementor Addons and Templates WordPress plugin before 1.3.79 does not properly validate uploaded files, which could allow unauthenticated users to upload arbitrary files, such as PHP and achieve RCE. |
Envoyé |
Oui |
Condensat |
2023 5360 achieve addons allow arbitrary before could cve does elementor files not php plugin properly rce royal such templates unauthenticated upload uploaded users validate which wordpress |
Tags |
|
Stories |
|
Notes |
|
Move |
|