CVE-2023-5199 – PHP to Page <= 0.3 - Authenticated (Subscriber+) Local File Inclusion to Remote Code Execution via Shortcode

https://notcve.org/view.php?id=CVE-2023-5199

The PHP to Page plugin for WordPress is vulnerable Local File Inclusion to Remote Code Execution in versions up to, and including, 0.3 via the 'php-to-page' shortcode. This allows authenticated attackers with subscriber-level permissions or above, to include local file and potentially execute code on the server. While subscribers may need to poison log files or otherwise get a file installed in order to achieve remote code execution, author and above users can upload files by default and achieve remote code execution easily. El complemento PHP to Page para WordPress es vulnerable a la Inclusión de Archivos Locales en la Ejecución Remota de Código en versiones hasta la 0.3 incluida a través del shortcode 'php-to-page'. Esto permite a atacantes autenticados con permisos de nivel de suscriptor o superiores incluir archivos locales y potencialmente ejecutar código en el servidor. • https://plugins.trac.wordpress.org/browser/php-to-page/trunk/php-to-page.php?rev=441028#L22 https://www.wordfence.com/threat-intel/vulnerabilities/id/83e5a0dc-fc51-4565-945f-190cf9175874?source=cve • CWE-98: Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') CWE-552: Files or Directories Accessible to External Parties •