GSD-2023-5360 — Vulnetix

GSD-2023-5360 PUBLISHED

The Royal Elementor Addons and Templates WordPress plugin before 1.3.79 does not properly validate uploaded files, which could allow unauthenticated users to upload arbitrary files, such as PHP and achieve RCE.

Affected Products

Vendor	Product	Versions
Unknown	Royal Elementor Addons and Templates	0

Timeline

Oct 21, 2023 CVE Published
Nov 28, 2023 PoC Published
Feb 6, 2025 PoC Published
Feb 23, 2025 PoC Published
Apr 5, 2025 PoC Published
Aug 31, 2025 PoC Published
Oct 23, 2025 PoC Published

References

https://wpscan.com/vulnerability/281518ff-7816-4007-b712-63aed7828b34 exploit
http://packetstormsecurity.com/files/175992/WordPress-Royal-Elementor-Addons-And-Templates-Remote-Shell-Upload.html url

Open in Interactive Console →