CVE-2023-5360

Summary

The Royal Elementor Addons and Templates WordPress plugin before 1.3.79 does not properly validate uploaded files, which could allow unauthenticated users to upload arbitrary files, such as PHP and achieve RCE.

Affected Software

VendorProductVersion RangeStatus
UnknownRoyal Elementor Addons and Templates0 < 1.3.79affected

Weaknesses

  • CWE-434 Unrestricted Upload of File with Dangerous Type

ADP Enrichment

CVE Program Container

Additional References

References