CVE-2023-6827: Unrestricted File Upload in Essential Real Estate

Severity: 8.8 HIGH (NVD)
EPSS: 9.6% (top 7.10%)
CISA KEV: Not in KEV
Exploit: No known exploits
Timeline: Published Dec 15; latest update Apr 11

Description

The Essential Real Estate plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient file type validation in the 'ajaxUploadFonts' function in versions up to, and including, 4.3.5. This makes it possible for authenticated attackers with subscriber-level capabilities or above to upload arbitrary files on the affected site's server, which may make remote code execution possible. CVE-2023-6140 appears to be a duplicate of this issue.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Exploitability: 2.8 | Impact: 5.9

Affected Packages: 2 packages

Patches

🔴 Vulnerability Details (3)

VulDB (2026-04-11): Essential Real Estate Plugin up to 4.3.5 on WordPress unrestricted upload (ID 3009780)
CVEList (2023-12-15): Essential Real Estate <= 4.3.5 - Authenticated (Subscriber+) Arbitrary File Upload
GHSA (2023-12-15): GHSA-rxq3-gmwr-j659: The Essential Real Estate plugin for WordPress is vulnerable to arbitrary file uploads due to insufficient file type validation on the 'ajaxUploadFont