VYPR
Unrated severityNVD Advisory· Published Nov 27, 2023· Updated Jun 5, 2025

Asgaros Forum < 2.7.1 - Unauthenticated Arbitrary File Upload

CVE-2023-5604

Description

The Asgaros Forum WordPress plugin before 2.7.1 allows forum administrators, who may not be WordPress (super-)administrators, to set insecure configuration that allows unauthenticated users to upload dangerous files (e.g. .php, .phtml), potentially leading to remote code execution.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.