This page aggregates publicly disclosed CVE and security risk information related to webandprint, with CVSS, EPSS, publication dates, and vulnerability intelligence data to help assess potential risk and remediation priority.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2023-54350 | WordPress Augmented-Reality plugin contains a remote code execution vulnerability in the elFinder connector that allows unauthenticated attackers to upload and execute arbitrary PHP files. Attackers can send POST requests to the connector.minimal.php endpoint with mkfile and put commands to create malicious PHP files in the file_manager directory and execute them on the server. | [email protected] | 8.7 | 0.53% | 2026-06-07 | 2026-06-17 |
| CVE-2024-50496 | Unrestricted Upload of File with Dangerous Type vulnerability in webandprint AR For WordPress ar-for-wordpress allows Upload a Web Shell to a Web Server.This issue affects AR For WordPress: from n/a through <= 6.6. | [email protected] | 10.0 | 0.50% | 2024-10-28 | 2026-06-17 |