CVE-2023-5360
Description
The Royal Elementor Addons and Templates WordPress plugin before 1.3.79 does not properly validate uploaded files, which could allow unauthenticated users to upload arbitrary files, such as PHP and achieve RCE.
Severity: CRITICAL
CVE ID: CVE-2023-5360
CVSS Score: 9.8
CVSS Metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Proof Of Concept
Nuclei Templates for CVE-2023-5360
Refrence: Project Discovery GitHub
sagsooz
CVE-2023-5360 Auto Shell Upload WordPress Royal Elementor 1.3.78 Shell Upload
Refrence: GitHub
phankz
Refrence: GitHub
nastar-id
CVE-2023-5360
Refrence: GitHub
Chocapikk
Exploit for the unauthenticated file upload vulnerability in WordPress's Royal Elementor Addons and Templates plugin (< 1.3.79). CVE-ID: CVE-2023-5360.
Refrence: GitHub
tucommenceapousser
Exploit for the unauthenticated file upload vulnerability in WordPress's Royal Elementor Addons and Templates plugin (< 1.3.79). CVE-ID: CVE-2023-5360.
Refrence: GitHub
Jenderal92
Python 2.7
Refrence: GitHub
Pushkarup
The Royal Elementor Addons and Templates WordPress plugin before 1.3.79 does not properly validate uploaded files, which could allow unauthenticated users to upload arbitrary files, such as PHP and achieve RCE.
Refrence: GitHub
1337r0j4n
CVE-2023-5360 Exploit/POC
Refrence: GitHub
angkerithhack001
CVE-2023-5360 EXPLOIT
Refrence: GitHub
Content on GitHub
codeb0ss | watchers:1
xWP-2
Refrence: GitHub