Showing 1 - 2 of 2

Files from Mateus Machado Tesser

First Active	2023-06-05
Last Active	2023-07-25

WordPress File Manager Advanced Shortcode 2.3.2 Remote Code Execution: Posted Jul 25, 2023; Authored by h00die-gr3y, Mateus Machado Tesser | Site metasploit.com; WordPress File Manager Advanced Shortcode plugin does not adequately prevent uploading files with disallowed MIME types when using the shortcode. This leads to remote code execution in cases where the allowed MIME type list does not include PHP files. In the worst case, this is available to unauthenticated users, but it also works in an authenticated configuration. Versions 2.3.2 and below are affected. To install the Shortcode plugin File Manager Advanced version 5.0.5 or lower is required to keep the configuration vulnerable. Any user privileges can exploit this vulnerability which results in access to the underlying operating system with the same privileges under which the Wordpress web services run.; tags | exploit, remote, web, php, code execution; advisories | CVE-2023-2068; SHA-256 | 70276f13c7da05f57a272fbb51cb03ce6c129189c7bb524b4612cc20be063403; Download | Favorite | View

File Manager Advanced Shortcode 2.3.2 Remote Code Execution: Posted Jun 5, 2023; Authored by Mateus Machado Tesser; File Manager Advanced Shortcode version 2.3.2 suffers from a remote code execution vulnerability.; tags | exploit, remote, code execution; advisories | CVE-2023-2068; SHA-256 | 123fe999b3768d81b415d9afb97d193fbe64d07848b6123122bd60e3c119ac03; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days