High severity7.2NVD Advisory· Published Sep 25, 2023· Updated Jun 17, 2026
CVE-2023-4300
CVE-2023-4300
Description
The Import XML and RSS Feeds WordPress plugin before 2.1.4 does not filter file extensions for uploaded files, allowing an attacker to upload a malicious PHP file, leading to Remote Code Execution.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- WordPress/Import XML and RSS Feeds plugindescription
- Range: <2.1.4
Patches
Vulnerability mechanics
References
1- wpscan.com/vulnerability/d4220025-2272-4d5f-9703-4b2ac4a51c42nvdExploitThird Party Advisory
News mentions
0No linked articles in our index yet.