cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2023-4311,https://securityvulnerability.io/vulnerability/CVE-2023-4311,Vrm 360 3D Model Viewer <= 1.2.1 - Contributor+ Arbitrary File Upload Leading to RCE,"The Vrm 360 3D Model Viewer plugin for WordPress, up to version 1.2.1, has a security flaw that allows attackers to upload arbitrary files via insufficient validation in a shortcode. This vulnerability can potentially lead to unauthorized access and compromise of the WordPress site, making it essential for users to update their plugins to mitigate any associated risks.",Wordpress,Vrm 360 3D Model Viewer,8.8,HIGH,0.0007600000244565308,false,,false,false,false,,false,false,2023-12-18T20:15:00.000Z,0
CVE-2023-5177,https://securityvulnerability.io/vulnerability/CVE-2023-5177,Vrm 360 3D Model Viewer <= 1.2.1 - Full Path Disclosure,The Vrm 360 3D Model Viewer WordPress plugin through 1.2.1 exposes the full path of a file when putting in a non-existent file in a parameter of the shortcode.,Wordpress,Vrm 360 3D Model Viewer,5.3,MEDIUM,0.0006600000197067857,false,,false,false,false,,false,false,2023-10-16T20:15:00.000Z,0