CVSS 3.1 Score 8.8 of 10 (high)


Published Dec 26, 2023
Updated: Jan 4, 2024
CWE ID 434


CVE-2023-5673 is a vulnerability found in the WP Mail Log WordPress plugin version 1.1.3 and earlier. It allows attackers to upload PHP files by exploiting a lack of proper file extension validation, which can lead to remote code execution. The affected products include versions qTCiNA, qTCiNB, qTCiNC, qTCiND, qTCiNE, qTCiNF, qTCiNG, sCvi3t, sCvi3s, and sCvi3u. To remediate this vulnerability, users should update the plugin to version 1.1.4 or later. This vulnerability poses a high risk to organizations as it can result in unauthorized access and manipulation of sensitive data on affected systems.

Explore Beyond the CVE Basics with Recorded Future's Vulnerability Intelligence

Note: This is just a basic overview providing quick insights into CVE-2023-5673 information. Gain full access to comprehensive CVE data, risk scores, prioritization, and mitigation data through Recorded Future's Vulnerability Intelligence:
  • Prioritize with Risk-Based Scoring
  • Explore the Extensive Vulnerability Database
  • Receive Early Alerts on Emerging CVEs
  • Focus on Critical Exploitable Vulnerabilities
  • Streamline Remediation with Integration Options