"Vulnerability Exposed in WordPress Plugin User Submitted Posts"
"Vulnerability Exposed in WordPress Plugin User Submitted Posts"
Security researchers at Patchstack have discovered a new vulnerability in the User Submitted Posts WordPress plugin (versions 20230902 and below). With over 20,000 active installations, this popular plugin is used for user-generated content submissions and is developed by Plugin Planet. The researchers noted that the vulnerability has been assigned CVE-2023-45603. According to the researchers, this plugin suffers from an unauthenticated arbitrary file upload vulnerability.