The Directorist WordPress plugin before 7.2.3 allows administrators to download other plugins from the same vendor directly to the site, but does not check the URL domain it gets the zip files from. This could allow administrators to run code on the server, which is a problem in multisite configurations.
References
Link | Resource |
---|---|
https://plugins.trac.wordpress.org/changeset/2752034/directorist?contextall=1&old=2731298&old_path=%2Fdirectorist | Third Party Advisory |
https://wpscan.com/vulnerability/03a04eab-be47-4195-af77-0df2a32eb807 | Exploit Third Party Advisory |
https://plugins.trac.wordpress.org/changeset/2752034/directorist?contextall=1&old=2731298&old_path=%2Fdirectorist | Third Party Advisory |
https://wpscan.com/vulnerability/03a04eab-be47-4195-af77-0df2a32eb807 | Exploit Third Party Advisory |
Configurations
History
21 Nov 2024, 07:00
Type | Values Removed | Values Added |
---|---|---|
References | () https://plugins.trac.wordpress.org/changeset/2752034/directorist?contextall=1&old=2731298&old_path=%2Fdirectorist - Third Party Advisory | |
References | () https://wpscan.com/vulnerability/03a04eab-be47-4195-af77-0df2a32eb807 - Exploit, Third Party Advisory |
12 Aug 2022, 15:19
Type | Values Removed | Values Added |
---|---|---|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 4.9 |
CPE | cpe:2.3:a:wpwax:directorist:*:*:*:*:*:wordpress:*:* | |
References | (CONFIRM) https://plugins.trac.wordpress.org/changeset/2752034/directorist?contextall=1&old=2731298&old_path=%2Fdirectorist - Third Party Advisory | |
References | (MISC) https://wpscan.com/vulnerability/03a04eab-be47-4195-af77-0df2a32eb807 - Exploit, Third Party Advisory |
08 Aug 2022, 14:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2022-08-08 14:15
Updated : 2024-11-21 07:00
NVD link : CVE-2022-2046
Mitre link : CVE-2022-2046
CVE.ORG link : CVE-2022-2046
JSON object : View
Products Affected
wpwax
- directorist
CWE
CWE-434
Unrestricted Upload of File with Dangerous Type