Critical severity9.8NVD Advisory· Published Nov 6, 2023· Updated Jun 17, 2026
CVE-2023-5601
CVE-2023-5601
Description
The WooCommerce Ninja Forms Product Add-ons WordPress plugin before 1.7.1 does not validate the file to be uploaded, allowing any unauthenticated users to upload arbitrary files to the server, leading to RCE.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Range: <1.7.1
- Range: <1.7.1
Patches
Vulnerability mechanics
References
1- wpscan.com/vulnerability/0035ec5e-d405-4eb7-8fe4-29dd0c71e4bcnvdExploitThird Party Advisory
News mentions
0No linked articles in our index yet.