Vulnerabilities > Envato > Envato Elements
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-03-07 | CVE-2021-4330 | Unspecified vulnerability in Envato Elements and Template KIT - Import The Envato Elements & Download and Template Kit – Import plugins for WordPress are vulnerable to arbitrary file uploads due to insufficient validation of file type upon extracting uploaded Zip files in the installFreeTemplateKit and uploadTemplateKitZipFile functions. | 8.8 |