The Upload Resume WordPress plugin through 1.2.0 does not validate the captcha parameter when uploading a resume via the resume_upload_form shortcode, allowing unauthenticated visitors to upload arbitrary media files to the site.
References
Link | Resource |
---|---|
https://wpscan.com/vulnerability/1b0fe0ac-d0d1-473d-af5b-dad6217933d4 | Exploit Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: WPScan
Published: 2023-06-19T10:52:52.446Z
Updated: 2023-06-19T10:52:52.446Z
Reserved: 2023-05-17T06:26:03.200Z
Link: CVE-2023-2751
JSON object: View
NVD Information
Status : Modified
Published: 2023-06-19T11:15:10.600
Modified: 2023-11-07T04:13:15.987
Link: CVE-2023-2751
JSON object: View
Redhat Information
No data.
CWE
No CWE.