HIGH
webandprint
CVE published 2026-06-08
CVE-2023-54350
CVE-2023-54350 is a HIGH severity vulnerability in the WordPress Augmented-Reality plugin. The vulnerability is caused by a remote code execution issue in the elFinder connector, which allows unauthenticated attackers to upload and execute arbitrary PHP files. Attackers can exploit this vulnerability by sending POST requests to the connector.minimal.php endpoint with mkfile and put commands to create mali [truncated]