WordPress Frontend Admin by DynamiApps Plugin <= 3.18.3 is vulnerable to Arbitrary File Upload
CVE-2023-51411
10CRITICAL
Key Information:
- Vendor
- WordPress
- Vendor
- CVE Published:
- 29 December 2023
Summary
The Shabti Kaplan Frontend Admin plugin by DynamiApps exhibits a vulnerability that allows unauthorized users to upload files of dangerous types. This could lead to severe security implications, as malicious entities could exploit this vulnerability to execute arbitrary code or manipulate server files, potentially compromising the integrity and confidentiality of the system. Affected versions include n/a through 3.18.3, underscoring the urgency of applying protective measures.
Affected Version(s)
Frontend Admin by DynamiApps <= 3.18.3
References
CVSS V3.1
Score:
10
Severity:
CRITICAL
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Changed
Timeline
Vulnerability published
Vulnerability Reserved
Credit
Rafie Muhammad (Patchstack)