CVE-2023-51475 – WordPress WP MLM Unilevel Plugin <= 4.0 is vulnerable to Arbitrary File Upload

https://notcve.org/view.php?id=CVE-2023-51475

27 Dec 2023 — Unrestricted Upload of File with Dangerous Type vulnerability in IOSS WP MLM SOFTWARE PLUGIN.This issue affects WP MLM SOFTWARE PLUGIN: from n/a through 4.0. Vulnerabilidad de carga sin restricciones de archivos con tipo peligroso en IOSS WP MLM SOFTWARE PLUGIN. Este problema afecta a WP MLM SOFTWARE PLUGIN: desde n/a hasta 4.0. The WP MLM SOFTWARE PLUGIN plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in all versions up to, and including, 4.0. This makes it ... • https://patchstack.com/database/vulnerability/wp-mlm/wordpress-wp-mlm-unilevel-plugin-4-0-unauthenticated-arbitrary-file-upload-vulnerability?_s_id=cve • CWE-434: Unrestricted Upload of File with Dangerous Type •