[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fpmX63Roy6-Vv9Bi0IvoCmw0rqQ-wcVIptbpXOfJ7JG4":3},{"id":4,"url_slug":5,"title":6,"description":7,"plugin_slug":8,"theme_slug":9,"affected_versions":10,"patched_in_version":11,"severity":12,"cvss_score":13,"cvss_vector":14,"vuln_type":15,"published_date":16,"updated_date":17,"references":18,"days_to_patch":20},"CVE-2023-28413","snow-monkey-forms-directory-traversal-via-view-rest-endpiont","Snow Monkey Forms \u003C= 5.1.1 - Directory Traversal via 'view' REST endpiont","The Snow Monkey Forms plugin for WordPress is vulnerable to Directory Traversal in versions up to, and including, 5.1.1 via the 'view' REST endpoint. This allows unauthenticated attackers to upload files with randomized names and non-executable extensions to arbitrary folders.","snow-monkey-forms",null,"\u003C=5.1.1","5.1.2","medium",5.3,"CVSS:3.1\u002FAV:N\u002FAC:L\u002FPR:N\u002FUI:N\u002FS:U\u002FC:N\u002FI:L\u002FA:N","Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')","2023-05-08 00:00:00","2024-01-22 19:56:02",[19],"https:\u002F\u002Fwww.wordfence.com\u002Fthreat-intel\u002Fvulnerabilities\u002Fid\u002F83d935fc-7d7b-4c25-97f8-d3fe35307c7a?source=api-prod",260]