Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
NA

CVE-2023-1273

Published: 04/07/2023 Updated: 07/11/2023
CVSS v3 Base Score: 8.8 | Impact Score: 5.9 | Exploitability Score: 2.8
VMScore: 0
Subscribe to Nd Shortcodes

Vulnerability Summary

The ND Shortcodes WordPress plugin prior to 7.0 does not validate some shortcode attributes before using them to generate paths passed to include function/s, allowing any authenticated users such as subscriber to perform LFI attacks

Vulnerable Product Search on Vulmon Subscribe to Product

nicdark nd shortcodes

Github Repositories

https://github.com/codeb0ss/CVE-2023-1273-PoC

Mass Exploit - CVE-2023-1273 / ND Shortcodes < LFI

CVE-2023-1273-PoC Mass Exploit - CVE-2023-1273 / ND Shortcodes &lt; LFI Community : tme/codeb0ss

References

https://wpscan.com/vulnerability/0805ed7e-395d-48de-b484-6c3ec1cd4b8ehttps://nvd.nist.govhttps://github.com/codeb0ss/CVE-2023-1273-PoC
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2006-4304CVE-2024-4240arbitrary CVE-2024-31601XSSCVE-2023-20198CVE-2024-4256CVE-2024-3342encryption
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook