CVE-2023-1406 Information

Description

The JetEngine WordPress plugin before 3.1.3.1 includes uploaded files without adequately ensuring that they are not executable leading to a remote code execution vulnerability.

Reference

https://wpscan.com/vulnerability/2a81b6b1-2339-4889-9c28-1af133df8b65