CVE-2023-47846

CVSS 3.1 Score 9.1 of 10 (high)

Details

Published Mar 26, 2024

Updated: Mar 27, 2024

CWE ID 434

Summary

CVE-2023-47846 is a newly discovered vulnerability in the Terry Lin WP Githuber MD plugin. This issue allows for unrestricted file uploads with dangerous types, which can be exploited by attackers to execute arbitrary code on affected WordPress sites. The vulnerability affects versions of the plugin from n/a through 1.16.2. Successful exploitation could lead to serious security consequences, including website compromise and data loss. It is recommended that users of the WP Githuber MD plugin upgrade to the latest version as soon as possible to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/tYQR5h
https://www.cve.org/CVERecord?id=CVE-2023-47846
https://nvd.nist.gov/vuln/detail/CVE-2023-47846

Back to Vulnerability Database

CVE-2023-47846

CVSS 3.1 Score 9.1 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations