exploitDog

CVE-2022-33900

Опубликовано: 22 авг. 2022

Источник: nvd

CVSS3: 4.1

CVSS3: 7.2

EPSS Низкий

Описание

PHP Object Injection vulnerability in Easy Digital Downloads plugin <= 3.0.1 at WordPress.

Ссылки

https://patchstack.com/database/vulnerability/easy-digital-downloads/wordpress-easy-digital-downloads-plugin-3-0-1-php-object-injection-vulnerability
Patch
Third Party Advisory
https://wordpress.org/plugins/easy-digital-downloads/#developers
Release Notes
Third Party Advisory
https://patchstack.com/database/vulnerability/easy-digital-downloads/wordpress-easy-digital-downloads-plugin-3-0-1-php-object-injection-vulnerability
Patch
Third Party Advisory
https://wordpress.org/plugins/easy-digital-downloads/#developers
Release Notes
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:awesomemotive:easy_digital_downloads:*:*:*:*:*:wordpress:*:*

Версия до 3.0.1 (включая)

EPSS

Процентиль: 73%

0.00746

Низкий

4.1 Medium

CVSS3

7.2 High

CVSS3

Дефекты

CWE-502

CWE-502

Связанные уязвимости

GHSA-262j-qv9g-9xhx

CVSS3: 7.2

github

больше 3 лет назад

PHP Object Injection vulnerability in Easy Digital Downloads plugin <= 3.0.1 at WordPress.

EPSS

Процентиль: 73%

0.00746

Низкий

4.1 Medium

CVSS3

7.2 High

CVSS3

Дефекты

CWE-502

CWE-502