1 results (0.030 seconds)

CVSS: 8.3EPSS: 0%CPEs: 1EXPL: 2

CVE-2023-4238 – Prevent files / folders access < 2.5.2 - Admin+ Arbitrary File Upload

https://notcve.org/view.php?id=CVE-2023-4238

28 Aug 2023 — The Prevent files / folders access WordPress plugin before 2.5.2 does not validate files to be uploaded, which could allow attackers to upload arbitrary files such as PHP on the server. El complemento Impedir el acceso a archivos/carpetas de WordPress anteriores a 2.5.2 no valida los archivos que se cargarán, lo que podría permitir a los atacantes cargar archivos arbitrarios como PHP en el servidor. The Prevent files / folders access plugin for WordPress is vulnerable to arbitrary file uploads due to missin... • https://github.com/codeb0ss/CVE-2023-4238-PoC • CWE-434: Unrestricted Upload of File with Dangerous Type •