Skip to main content

CVE-2023-5360

Description

The Royal Elementor Addons and Templates WordPress plugin before 1.3.79 does not properly validate uploaded files, which could allow unauthenticated users to upload arbitrary files, such as PHP and achieve RCE.

NVD
Severity: CRITICAL
CVE ID: CVE-2023-5360
CVSS Score: 9.8
CVSS Metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Refrence: NVDMITRE

Proof Of Concept

Nuclei Templates for CVE-2023-5360
sagsooz

CVE-2023-5360 Auto Shell Upload WordPress Royal Elementor 1.3.78 Shell Upload

Refrence: GitHub

phankz

Refrence: GitHub

nastar-id

CVE-2023-5360

Refrence: GitHub

Chocapikk

Exploit for the unauthenticated file upload vulnerability in WordPress's Royal Elementor Addons and Templates plugin (< 1.3.79). CVE-ID: CVE-2023-5360.

Refrence: GitHub

tucommenceapousser

Exploit for the unauthenticated file upload vulnerability in WordPress's Royal Elementor Addons and Templates plugin (< 1.3.79). CVE-ID: CVE-2023-5360.

Refrence: GitHub

Jenderal92

Python 2.7

Refrence: GitHub

Pushkarup

The Royal Elementor Addons and Templates WordPress plugin before 1.3.79 does not properly validate uploaded files, which could allow unauthenticated users to upload arbitrary files, such as PHP and achieve RCE.

Refrence: GitHub

1337r0j4n

CVE-2023-5360 Exploit/POC

Refrence: GitHub

angkerithhack001

CVE-2023-5360 EXPLOIT

Refrence: GitHub

Content on GitHub

codeb0ss | watchers:1

xWP-2

Refrence: GitHub

Tags:
Last updated on by Vulnerability_bot_v1.3.9