mirror of
https://github.com/0xMarcio/cve.git
synced 2026-05-09 15:15:46 +02:00
0xMarcio
1.5 KiB
1.5 KiB
CVE-2023-5360
Description
The Royal Elementor Addons and Templates WordPress plugin before 1.3.79 does not properly validate uploaded files, which could allow unauthenticated users to upload arbitrary files, such as PHP and achieve RCE.
POC
Reference
- http://packetstormsecurity.com/files/175992/WordPress-Royal-Elementor-Addons-And-Templates-Remote-Shell-Upload.html
- https://wpscan.com/vulnerability/281518ff-7816-4007-b712-63aed7828b34
Github
- https://github.com/1337r0j4n/CVE-2023-5360
- https://github.com/Chocapikk/CVE-2023-5360
- https://github.com/Chocapikk/Chocapikk
- https://github.com/Jenderal92/WP-CVE-2023-5360
- https://github.com/Pushkarup/CVE-2023-5360
- https://github.com/angkerithhack001/CVE-2023-5360-PoC
- https://github.com/nastar-id/CVE-2023-5360
- https://github.com/nomi-sec/PoC-in-GitHub
- https://github.com/phankz/Worpress-CVE-2023-5360
- https://github.com/phankz/phankz
- https://github.com/sagsooz/CVE-2023-5360
- https://github.com/tucommenceapousser/CVE-2023-5360
- https://github.com/vulai-huaun/VTI-comal