CVE-2023-5604
- Reference to the description:
- Description:
- The Asgaros Forum WordPress plugin before 2.7.1 allows forum administrators, who may not be WordPress (super-)administrators, to set insecure configuration that allows unauthenticated users to upload dangerous files (e.g. .php, .phtml), potentially leading to remote code execution.
- Last updated date:
- 12/02/2023
- Type:
- exploit
- Confidence:
- HIGH
- Date of publishing:
- 12/02/2023
- Reference url to background
https://wpscan.com/vulnerability/4ce69d71-87bf-4d95-90f2-63d558c78b69