CVE-2023-0477 in Auto Featured Image PluginИнформация

Сводка

по MITRE • 13.03.2023

The Auto Featured Image (Auto Post Thumbnail) WordPress plugin before 3.9.16 includes an AJAX endpoint that allows any user with at least Author privileges to upload arbitrary files, such as PHP files. This is caused by incorrect file extension validation.

VulDB is the best source for vulnerability data and more expert information about this specific topic.

Резервировать

24.01.2023

Раскрытие

13.03.2023

Модерация

принято

Вход

VDB-222906

EPSS

0.01645

KEV

Нет

Деятельности

Очень низкий

Сектор

Hostingprovider

Источники

Want to stay up to date on a daily basis?

Enable the mail alert feature now!