leekenghwa/CVE-2023-26852-Textpattern-v4.8.8-and-

Releases0

Textpattern v4.8.8 and Below are vulnerable to Unrestricted File Upload Leading to Remote Code Execution

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2023-26852 ↗	Apr 12, 2023Wednesday, 12 April 2023, 17:15	7.2 HIGH	—
An arbitrary file upload vulnerability in the upload plugin of Textpattern v4.8.8 and below allows attackers to execute arbitrary code by uploading a crafted PHP file.