CVE-2023-28409

Summary

Unrestricted upload of file with dangerous type exists in MW WP Form versions v4.4.2 and earlier, which may allow a remote unauthenticated attacker to upload an arbitrary file.

Affected Software

VendorProductVersion RangeStatus
Monkey Wrench Inc.MW WP Formversions v4.4.2 and earlieraffected

Weaknesses

  • Unrestricted upload of file with dangerous type

ADP Enrichment

CVE Program Container

Additional References

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: total

References