CVSS: 9.1EPSS: 0%CPEs: 1EXPL: 0CVE-2023-51420 – WordPress Verge3D Plugin <= 4.5.2 is vulnerable to Remote Code Execution (RCE)
https://notcve.org/view.php?id=CVE-2023-51420
29 Dec 2023 — Improper Control of Generation of Code ('Code Injection') vulnerability in Soft8Soft LLC Verge3D Publishing and E-Commerce.This issue affects Verge3D Publishing and E-Commerce: from n/a through 4.5.2. Vulnerabilidad de control inadecuado de generación de código ("inyección de código") en Soft8Soft LLC Verge3D Publishing and E-Commerce. Este problema afecta a Verge3D Publishing and E-Commerce: desde n/a hasta 4.5.2. • https://patchstack.com/database/vulnerability/verge3d/wordpress-verge3d-plugin-4-5-2-remote-code-execution-rce-vulnerability?_s_id=cve • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 9.9EPSS: 0%CPEs: 1EXPL: 0CVE-2023-51421 – WordPress Verge3D Plugin <= 4.5.2 is vulnerable to Arbitrary File Upload
https://notcve.org/view.php?id=CVE-2023-51421
27 Dec 2023 — Unrestricted Upload of File with Dangerous Type vulnerability in Soft8Soft LLC Verge3D Publishing and E-Commerce.This issue affects Verge3D Publishing and E-Commerce: from n/a through 4.5.2. Vulnerabilidad de carga sin restricciones de archivos con tipo peligroso en Soft8Soft LLC Verge3D Publishing and E-Commerce. Este problema afecta a Verge3D Publishing and E-Commerce: desde n/a hasta 4.5.2. The Verge3D Publishing and E-Commerce plugin for WordPress is vulnerable to arbitrary file uploads due to missing f... • https://patchstack.com/database/vulnerability/verge3d/wordpress-verge3d-plugin-4-5-2-arbitrary-file-upload-vulnerability?_s_id=cve • CWE-434: Unrestricted Upload of File with Dangerous Type •