CVE-2023-5957

CVSS v3 7.2 HIGH

7.2^/10

CVSS v3 : HIGH

Vector :

Exploitability : 1.2 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required HIGH

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

T

he Ni Purchase Order(PO) For WooCommerce WordPress plugin through 1.2.1 does not validate logo and signature image files uploaded in the settings, allowing high privileged user to upload arbitrary files to the web server, triggering an RCE vulnerability by uploading a web shell.

References

Link	Resource
https://wpscan.com/vulnerability/70f823ff-64ad-4f05-9eb3-b69b3b79dc12	Exploit Third Party Advisory
https://wpscan.com/vulnerability/70f823ff-64ad-4f05-9eb3-b69b3b79dc12	Exploit Third Party Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:naziinfotech:ni_purchase_order\(po\)_for_woocommerce:*:*:*:*:*:wordpress:*:*

History

21 Nov 2024, 08:42

Type	Values Removed	Values Added
References	~~() https://wpscan.com/vulnerability/70f823ff-64ad-4f05-9eb3-b69b3b79dc12 - Exploit, Third Party Advisory~~	() https://wpscan.com/vulnerability/70f823ff-64ad-4f05-9eb3-b69b3b79dc12 - Exploit, Third Party Advisory

Information

Published : 2024-01-08 19:15

Updated : 2025-06-18 16:15

NVD link : CVE-2023-5957

Mitre link : CVE-2023-5957

CVE.ORG link : CVE-2023-5957

JSON object : View

Products Affected

naziinfotech

ni_purchase_order\(po\)_for_woocommerce

CWE

CWE-434

Unrestricted Upload of File with Dangerous Type

{"id": "CVE-2023-5957", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "[email protected]", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.2, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "HIGH", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 1.2}, {"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.2, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "HIGH", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 1.2}]}, "published": "2024-01-08T19:15:09.890", "references": [{"url": "https://wpscan.com/vulnerability/70f823ff-64ad-4f05-9eb3-b69b3b79dc12", "tags": ["Exploit", "Third Party Advisory"], "source": "[email protected]"}, {"url": "https://wpscan.com/vulnerability/70f823ff-64ad-4f05-9eb3-b69b3b79dc12", "tags": ["Exploit", "Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "[email protected]", "description": [{"lang": "en", "value": "CWE-434"}]}], "descriptions": [{"lang": "en", "value": "The Ni Purchase Order(PO) For WooCommerce WordPress plugin through 1.2.1 does not validate logo and signature image files uploaded in the settings, allowing high privileged user to upload arbitrary files to the web server, triggering an RCE vulnerability by uploading a web shell."}, {"lang": "es", "value": "El complemento Ni Purchase Order(PO) para WooCommerce WordPress hasta 1.2.1 no valida los archivos de imagen de logotipo y firma cargados en la configuraci\u00f3n, lo que permite a un usuario con altos privilegios cargar archivos arbitrarios al servidor web, lo que desencadena una vulnerabilidad RCE al cargar un shell web."}], "lastModified": "2025-06-18T16:15:24.493", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:naziinfotech:ni_purchase_order\\(po\\)_for_woocommerce:*:*:*:*:*:wordpress:*:*", "vulnerable": true, "matchCriteriaId": "DB401D2E-23A7-4A3F-A27D-983DC248779C", "versionEndIncluding": "1.2.1"}], "operator": "OR"}]}], "sourceIdentifier": "[email protected]"}