CVE-2023-47784

HIGH EXPLOITED RANSOMWARE

Slider Revolution < 6.6.15 - Unauthenticated Arbitrary File Upload

Title source: llm

Exploitation Summary

CVE-2023-47784 has been observed exploited in the wild (reported by VulnCheck KEV), including in ransomware campaigns.

Description

Unrestricted Upload of File with Dangerous Type vulnerability in ThemePunch OHG Slider Revolution.This issue affects Slider Revolution: from n/a through 6.6.15.

References (1)

Core 1

Core References

Third Party Advisory vdb-entry

https://patchstack.com/database/vulnerability/revslider/wordpress-slider-revolution-plugin-6-6-15-author-arbitrary-file-upload-vulnerability?_s_id=cve

Scores

CVSS v3 8.4

EPSS 0.0069

EPSS Percentile 48.1%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact total

Details

VulnCheck KEV 2025-03-19

Ransomware Use Confirmed

CWE

CWE-434

Status published

Products (2)

themepunch/slider_revolution < 6.6.15

ThemePunch OHG/Slider Revolution < 6.6.15

Published Dec 20, 2023

Tracked Since Feb 18, 2026