Security Advisory

CVE-2023-5601

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2023-11-06 20:41:49

Last updated 2025-03-25 19:30:35

Assigner WPScan

State PUBLISHED

Description

The WooCommerce Ninja Forms Product Add-ons WordPress plugin before 1.7.1 does not validate the file to be uploaded, allowing any unauthenticated users to upload arbitrary files to the server, leading to RCE.

← Browse all CVEs View on cve.org ↗