CVE-2023-47621

CVSS 3.1 Score 8.8 of 10 (high)

Details

Published Nov 13, 2023

Updated: Nov 21, 2023

CWE ID 434

Summary

CVE-2023-47621 is a vulnerability affecting the Guest Entries php library. In vulnerable versions, the file uploads feature fails to prevent the upload of PHP files, allowing authenticated users to potentially execute arbitrary code on the server. This issue can lead to serious security consequences and is addressed in version 3.1.2. Users are strongly encouraged to upgrade as soon as possible, as no workarounds are currently available.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/tT7Jev
https://www.cve.org/CVERecord?id=CVE-2023-47621
https://nvd.nist.gov/vuln/detail/CVE-2023-47621

Back to Vulnerability Database

CVE-2023-47621

CVSS 3.1 Score 8.8 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations