Aimogen Pro
Monthly
Arbitrary file upload in CodeRevolution's Aimogen Pro WordPress plugin (versions up to and including 2.8.3) lets attackers upload files of dangerous types, typically enabling deployment of a PHP web shell and full remote code execution on the host. The supplied CVSS 3.1 vector (AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H) rates it 10.0 critical, reflecting network-reachable, low-complexity, unauthenticated exploitation with a scope change. No public exploit identified at time of analysis, and it is not listed in CISA KEV.
Arbitrary file upload in CodeRevolution's Aimogen Pro WordPress plugin (versions up to and including 2.8.3) lets attackers upload files of dangerous types, typically enabling deployment of a PHP web shell and full remote code execution on the host. The supplied CVSS 3.1 vector (AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H) rates it 10.0 critical, reflecting network-reachable, low-complexity, unauthenticated exploitation with a scope change. No public exploit identified at time of analysis, and it is not listed in CISA KEV.