CVE-2023-2359: Revolution Slider <= 6.6.12 - Author+ Remote Code Execution

0.0 CVSS

Description

The Slider Revolution WordPress plugin through 6.6.12 does not check for valid image files upon import, leading to an arbitrary file upload which may be escalated to Remote Code Execution in some server configurations.

Classification

CVE ID: CVE-2023-2359

CVSS Base Severity: LOW

CVSS Base Score: 0.0

Affected Products

Vendor: Unknown

Product: Slider Revolution

Exploit Prediction Scoring System (EPSS)

EPSS Score: 0.18% (probability of being exploited)

EPSS Percentile: 56.29% (scored less or equal to compared to others)

EPSS Date: 2025-02-04 (when was this score calculated)

References

https://wpscan.com/vulnerability/a8350890-e6d4-4b04-a158-2b0ee3748e65

Timeline

2024-12-13 00:30:20 UTC
CVE

Revolution Slider <= 6.6.12 - Author+ Remote Code Execution