CYBERHAWK / CVE / CVE-2023-54350

CVE-2023-54350

HIGH CVSS 7.5 other

The flaw

WordPress Augmented-Reality plugin contains a remote code execution vulnerability in the elFinder connector that allows unauthenticated attackers to upload and execute arbitrary PHP files. Attackers can send POST requests to the connector.m

What to do

Review advisory and patch per vendor guidance.

▸ Scan my repo for CVE-2023-54350

References

NVD CISA KEV OSV GitHub Advisory MITRE News search

First seen 2026-06-12 · Tracked by PickBits CyberHawk · Weekly CVE digest

← All CVEs RSS Scheduled audits