{"vulnerability": "CVE-2023-5601", "sightings": [{"uuid": "103a56d9-f4fc-4840-a82e-c0653d8e8a86", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-5601", "type": "seen", "source": "https://t.me/cibsecurity/73655", "content": "\u203c CVE-2023-5601 \u203c\n\nThe WooCommerce Ninja Forms Product Add-ons WordPress plugin before 1.7.1 does not validate the file to be uploaded, allowing any unauthenticated users to upload arbitrary files to the server, leading to RCE.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-11-07T00:26:14.000000Z"}, {"uuid": "5ea2a5d6-523e-42b2-bc71-3ada4ebfd759", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-5601", "type": "published-proof-of-concept", "source": "https://t.me/codeb0ss/1260", "content": "{VIP} CVE-2023-5601 - Woocomerce Ninja Forms Product Add-Ons < Unauthenticated Arbitrary File Upload / Webshell Upload - Exploit\n\nDetails: New Unauthenticated vulnerable at Woocomerce ninja forms  products add-ons template - plugin, That vulnerable gives the permission to attacker to upload webshell on the website, We created the mass/auto exploiter for that vulnerable, You can brings many shells by this exploit.\n\n\nFor GET VIP @uncodeboss", "creation_timestamp": "2023-10-21T02:37:50.000000Z"}]}