cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2023-2180,https://securityvulnerability.io/vulnerability/CVE-2023-2180,KIWIZ Invoices Certification & PDF System <= 2.1.3 - Unauthenticated Arbitrary File Download,"The KIWIZ Invoices Certification & PDF System WordPress plugin versions up to 2.1.3 suffers from improper input validation, allowing unauthenticated attackers to exploit the system. This vulnerability enables attackers to access and download arbitrary files, potentially leading to unauthorized exposure of sensitive data. Furthermore, if an attacker is able to upload files to the server, they may also perform PHAR unserialization, which can result in further exploitation of the vulnerable system.",Wordpress,Kiwiz Invoices Certification & PDF System,7.5,HIGH,0.002460000105202198,false,,false,false,true,true,false,false,2023-05-15T13:15:00.000Z,0