The Royal Elementor Addons and Templates WordPress plugin before 1.3.79 does not properly validate uploaded files, which could allow unauthenticated users to upload arbitrary files, such as PHP and achieve RCE.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: WPScan

Published: 2023-10-31T13:54:42.111Z

Updated: 2024-08-02T07:59:44.302Z

Reserved: 2023-10-03T13:30:26.067Z

Link: CVE-2023-5360

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2023-10-31T14:15:12.773

Modified: 2024-11-21T08:41:36.570

Link: CVE-2023-5360

cve-icon Redhat

No data.