cve/2023/CVE-2023-5762.md

### [CVE-2023-5762](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5762)
![](https://img.shields.io/static/v1?label=Product&message=Filr&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=0%3C%201.2.3.6%20&color=brighgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-94%20Improper%20Control%20of%20Generation%20of%20Code%20('Code%20Injection')&color=brighgreen)

### Description

The Filr WordPress plugin before 1.2.3.6 is vulnerable from an RCE (Remote Code Execution) vulnerability, which allows the operating system to execute commands and fully compromise the server on behalf of a user with Author-level privileges.

### POC

#### Reference
- https://wpscan.com/vulnerability/6ad99725-eccc-4b61-bce2-668b62619deb

#### Github
No PoCs found on GitHub currently.
Update Sat May 25 21:48:12 CEST 2024 2024-05-25 21:48:12 +02:00			`### [CVE-2023-5762](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5762)`
			`![](https://img.shields.io/static/v1?label=Product&message=Filr&color=blue)`
			`![](https://img.shields.io/static/v1?label=Version&message=0%3C%201.2.3.6%20&color=brighgreen)`
			`![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-94%20Improper%20Control%20of%20Generation%20of%20Code%20('Code%20Injection')&color=brighgreen)`

			`### Description`

			`The Filr WordPress plugin before 1.2.3.6 is vulnerable from an RCE (Remote Code Execution) vulnerability, which allows the operating system to execute commands and fully compromise the server on behalf of a user with Author-level privileges.`

			`### POC`

			`#### Reference`
			`- https://wpscan.com/vulnerability/6ad99725-eccc-4b61-bce2-668b62619deb`

			`#### Github`
			`No PoCs found on GitHub currently.`