Unknown · Mw Wp Form · CVE-2023-28409
**Name of the Vulnerable Software and Affected Versions**
MW WP Form versions v4.4.2 and earlier
**Description**
The issue allows a remote unauthenticated attacker to upload an arbitrary file due to an unrestricted upload of files with dangerous types. This may lead to potential security risks.
**Recommendations**
For MW WP Form versions v4.4.2 and earlier, update to a version later than v4.4.2 to resolve the issue. As a temporary workaround, consider restricting file uploads to only allow safe file types until a patch is available.