cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2021-4330,https://securityvulnerability.io/vulnerability/CVE-2021-4330,Arbitrary File Upload Vulnerability in Envato Elements and Template Kit – Import for WordPress,"The Envato Elements & Download and Template Kit – Import plugins for WordPress exhibit a security flaw that allows for arbitrary file uploads. This vulnerability arises from inadequate validation of file types during the extraction of uploaded Zip files within specific functions. As a result, attackers with contributor-level permissions can exploit this weakness to upload unauthorized files, potentially leading to remote code execution. This issue affects versions of both plugins up to and including 2.0.10 for Envato Elements & Download and 1.0.13 for Template Kit – Import.",Wordpress,"Template Kit – Import,Envato Elements – Photos & Elementor Templates",8.8,HIGH,0.08590000122785568,false,,false,false,false,,,false,false,,2023-03-07T13:51:38.617Z,0