CVE-2022-1560

Опубликовано: 16 мая 2022

Источник: nvd

CVSS3: 6.5

CVSS2: 4.3

EPSS Средний

Описание

The Amministrazione Aperta WordPress plugin before 3.8 does not validate the open parameter before using it in an include statement, leading to a Local File Inclusion issue. The original advisory mentions that unauthenticated users can exploit this, however the affected file generates a fatal error when accessed directly and the affected code is not reached. The issue can be exploited via the dashboard when logged in as an admin, or by making a logged in admin open a malicious link

Ссылки

https://wpscan.com/vulnerability/5c5fbbea-92d2-46bb-9a70-75155fffb6de
Exploit
Third Party Advisory
https://wpscan.com/vulnerability/5c5fbbea-92d2-46bb-9a70-75155fffb6de
Exploit
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:amministrazione_aperta_project:amministrazione_aperta:*:*:*:*:*:wordpress:*:*

Версия до 3.8 (исключая)

EPSS

Процентиль: 96%

0.27775

Средний

6.5 Medium

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-22

Связанные уязвимости

GHSA-x2w2-jcc3-34qr

CVSS3: 6.5

github

больше 3 лет назад

The Amministrazione Aperta WordPress plugin through 3.7.3 does not validate the open parameter before using it in an include statement, leading to a Local File Inclusion issue. The original advisory mentions that unauthenticated users can exploit this, however the affected file generates a fatal error when accessed directly and the affected code is not reached. The issue can be exploited via the dashboard when logged in as an admin, or by making a logged in admin open a malicious link

EPSS

Процентиль: 96%

0.27775

Средний

6.5 Medium

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-22