CVEs-PoC/2023/CVE-2023-1273.md at 8e2ebbf9bd04edab52d0cbcbc6c2f6e2cfdaa67d

CalvinBackup/CVEs-PoC

Fork 0

mirror of https://github.com/0xMarcio/cve.git synced 2026-05-29 16:29:28 +02:00

Files

T

0xMarcio 4edef1e4c8 Update CVE sources 2024-05-28 08:49

2024-05-28 08:49:17 +00:00

Description

The ND Shortcodes WordPress plugin before 7.0 does not validate some shortcode attributes before using them to generate paths passed to include function/s, allowing any authenticated users such as subscriber to perform LFI attacks

POC

Reference

https://wpscan.com/vulnerability/0805ed7e-395d-48de-b484-6c3ec1cd4b8e

Github

https://github.com/codeb0ss/CVE-2023-1273-PoC
https://github.com/nomi-sec/PoC-in-GitHub

903 B Raw Blame History

CVE-2023-1273

Description

POC

Reference

Github

903 B

Raw Blame History