exploitDog

CVE-2022-29447

Опубликовано: 20 мая 2022

Источник: nvd

CVSS3: 6.8

CVSS3: 7.2

CVSS2: 4

EPSS Низкий

Описание

Authenticated (administrator or higher user role) Local File Inclusion (LFI) vulnerability in Wow-Company's Hover Effects plugin <= 2.1 at WordPress.

Ссылки

https://patchstack.com/database/vulnerability/hover-effects/wordpress-hover-effects-plugin-2-1-authenticated-local-file-inclusion-lfi-vulnerability
Release Notes
Third Party Advisory
https://wordpress.org/plugins/hover-effects/#developers
Product
Release Notes
https://patchstack.com/database/vulnerability/hover-effects/wordpress-hover-effects-plugin-2-1-authenticated-local-file-inclusion-lfi-vulnerability
Release Notes
Third Party Advisory
https://wordpress.org/plugins/hover-effects/#developers
Product
Release Notes

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:wow-company:hover_effects:*:*:*:*:*:wordpress:*:*

Версия до 2.1 (включая)

EPSS

Процентиль: 71%

0.00695

Низкий

6.8 Medium

CVSS3

7.2 High

CVSS3

4 Medium

CVSS2

Дефекты

CWE-552

CWE-552

Связанные уязвимости

GHSA-56qr-6hfh-52cg

CVSS3: 7.2

github

больше 3 лет назад

Authenticated (administrator or higher user role) Local File Inclusion (LFI) vulnerability in Wow-Company's Hover Effects plugin <= 2.1 at WordPress.

EPSS

Процентиль: 71%

0.00695

Низкий

6.8 Medium

CVSS3

7.2 High

CVSS3

4 Medium

CVSS2

Дефекты

CWE-552

CWE-552