CVSS: 9.0 • EPSS: 0% • CPEs: 1 • EXPL: 2

17 Jan 2023 — The Enable Media Replace WordPress plugin before 4.0.2 does not prevent authors from uploading arbitrary files to the site, which may allow them to upload PHP shells on affected sites. The Enable Media Replace plugin for WordPress is vulnerable to arbitrary file uploads in versions up to, and including, 4.0.1. This makes it possible for authenticated attackers, with author-level permissions and above, to upload arbitrary files on the affected site's server, which may make remote code execution possible. • https://github.com/codeb0ss/CVE-2023-0255-PoC • CWE-434: Unrestricted Upload of File with Dangerous Type

CVSS: 6.8 • EPSS: 0% • CPEs: 1 • EXPL: 1

14 Sep 2022 — The Enable Media Replace WordPress plugin before 4.0.0 does not ensure that renamed files are moved to the Upload folder, which could allow high-privilege users such as admins to move them outside of it to the web root directory, for example via a path traversal attack. • https://wpscan.com/vulnerability/5872f4bf-f423-4ace-b8b6-d4cc4f6ca8d9 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

CVSS: 4.3 • EPSS: 0% • CPEs: 1 • EXPL: 0

25 Apr 2022 — Plugin Settings Update vulnerability in ShortPixel's ShortPixel Adaptive Images plugin <= 3.3.1 for WordPress allows an attacker with a low user role, such as a subscriber or higher, to change the plugin settings. • https://patchstack.com/database/vulnerability/shortpixel-adaptive-images/wordpress-shortpixel-adaptive-images-plugin-3-3-1-subscriber-plugin-settings-update-vulnerability • CWE-284: Improper Access Control