The Enable Media Replace WordPress plugin before 4.0.2 does not prevent authors from uploading arbitrary files to the site, which may allow them to upload PHP shells on affected sites.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: WPScan

Published: 2023-02-13T14:32:21.404Z

Updated: 2024-08-02T05:02:44.145Z

Reserved: 2023-01-12T18:47:10.529Z

Link: CVE-2023-0255

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2023-02-13T15:15:21.243

Modified: 2024-11-21T07:36:50.480

Link: CVE-2023-0255

cve-icon Redhat

No data.