Vulnerability Details CVE-2023-4238
The Prevent files / folders access WordPress plugin before 2.5.2 does not validate files to be uploaded, which could allow attackers to upload arbitrary files such as PHP on the server.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.163
EPSS Ranking 94.4%
CVSS Severity
CVSS v3 Score 7.2
References
Products affected by CVE-2023-4238
-
cpe:2.3:a:miniorange:prevent_files_/_folders_access:*