Show filters
1 Total Results
Displaying 1-1 of 1
Sort by:
Attacker Value
Unknown

CVE-2023-1273

Disclosure Date: July 04, 2023 (last updated October 08, 2023)
The ND Shortcodes WordPress plugin before 7.0 does not validate some shortcode attributes before using them to generate paths passed to include function/s, allowing any authenticated users such as subscriber to perform LFI attacks
Attack Vector: NetworkPrivileges: LowUser Interaction: None
0
0