Vulnerabilities > Atomicwebstrategy > Critical

DATE CVE VULNERABILITY TITLE RISK
2023-11-06 CVE-2023-5601 Unrestricted Upload of File with Dangerous Type vulnerability in Atomicwebstrategy Woocommerce Ninja Forms Product Add-Ons
The WooCommerce Ninja Forms Product Add-ons WordPress plugin before 1.7.1 does not validate the file to be uploaded, allowing any unauthenticated users to upload arbitrary files to the server, leading to RCE.
network
low complexity
atomicwebstrategy CWE-434
critical
9.8