Lucene search
WPScanCVELIST:CVE-2023-4238HistorySep 25, 2023 - 3:56 p.m.
CVE-2023-4238 Prevent files / folders access < 2.5.2 - Admin+ Arbitrary File Upload
2023-09-2515:56:52
WPScan
www.cve.org
1
cve-2023-4238
file upload
arbitrary files
0.001 Low
EPSS
Percentile
19.5%
The Prevent files / folders access WordPress plugin before 2.5.2 does not validate files to be uploaded, which could allow attackers to upload arbitrary files such as PHP on the server.
CNA Affected
[
{
"vendor": "Unknown",
"product": "Prevent files / folders access",
"versions": [
{
"status": "affected",
"versionType": "custom",
"version": "0",
"lessThan": "2.5.2"
}
],
"defaultStatus": "unaffected",
"collectionURL": "https://wordpress.org/plugins"
}
]Related
nvd
nvd
CVE-2023-4238
2023-09-25 16:15:14
cve
cve
CVE-2023-4238
2023-09-25 16:15:14
prion
prion
Code injection
2023-09-25 16:15:00
wpvulndb
wpvulndb
Prevent files / folders access < 2.5.2 - Admin+ Arbitrary File Upload
2023-08-30 00:00:00
wpexploit
wpexploit
Prevent files / folders access < 2.5.2 - Admin+ Arbitrary File Upload
2023-08-30 00:00:00
githubexploit
githubexploit
Exploit for CVE-2023-4238
2023-09-11 23:53:11
wordfence
wordfence