Emlog Pro · Emlog Pro · CVE-2023-44974
**Name of the Vulnerable Software and Affected Versions**
Emlog Pro version 2.2.0
**Description**
An arbitrary file upload issue in the `/admin/plugin.php` component allows attackers to execute arbitrary code by uploading a crafted PHP file.
**Recommendations**
For Emlog Pro version 2.2.0, update to a version that fixes this issue to prevent arbitrary code execution.
As a temporary workaround, consider restricting access to the `/admin/plugin.php` component until a patch is available.
Avoid using the `/admin/plugin.php` component for uploading files until the issue is resolved.