
exploitDog


CVE-2022-2594

Published: 22 Aug 2022
Source: nvd
CVSS3: 8.8
EPSS Low

Description

The Advanced Custom Fields WordPress plugin before 5.12.3, Advanced Custom Fields Pro WordPress plugin before 5.12.3 allows unauthenticated users to upload files allowed in a default WP configuration (so PHP is not possible) if there is a frontend form available. This vulnerability was introduced in the 5.0 rewrite and did not exist prior to that release.

Vulnerable configurations

Configuration 1

One of

cpe:2.3:a:advancedcustomfields:advanced_custom_fields:*:*:*:*:*:wordpress:*:*
Version from 5.0.0 (inclusive) to 5.12.3 (exclusive)
cpe:2.3:a:advancedcustomfields:advanced_custom_fields:*:*:*:*:pro:wordpress:*:*
Version from 5.0.0 (inclusive) to 5.12.3 (exclusive)

EPSS

Percentile: 82%
0.01795
Low

8.8 High

CVSS3

Weaknesses

CWE-434

Related vulnerabilities

CVSS3: 8.8
github
more than 3 years ago

The Advanced Custom Fields WordPress plugin before 5.12.3, Advanced Custom Fields Pro WordPress plugin before 5.12.3 allows unauthenticated users to upload files allowed in a default WP configuration (so PHP is not possible) if there is a frontend form available. This vulnerability was introduced in the 5.0 rewrite and did not exist prior to that release.
