CVE-2023-28409 Information

Description

Unrestricted upload of file with dangerous type exists in MW WP Form versions v4.4.2 and earlier which may allow a remote unauthenticated attacker to upload an arbitrary file.

Reference

https://jvn.jp/en/jp/JVN01093915/ https://plugins.2inc.org/mw-wp-form/blog/2023/05/08/752/