exploitDog

CVE-2022-35235

Опубликовано: 23 авг. 2022

Источник: nvd

CVSS3: 4.9

EPSS Низкий

Описание

Authenticated (admin+) Arbitrary File Read vulnerability in XplodedThemes WPide plugin <= 2.6 at WordPress.

Ссылки

https://patchstack.com/database/vulnerability/wpide/wordpress-wpide-plugin-2-6-authenticated-arbitrary-file-read-vulnerability
Patch
Third Party Advisory
https://wordpress.org/plugins/wpide/#developers
Release Notes
Third Party Advisory
https://patchstack.com/database/vulnerability/wpide/wordpress-wpide-plugin-2-6-authenticated-arbitrary-file-read-vulnerability
Patch
Third Party Advisory
https://wordpress.org/plugins/wpide/#developers
Release Notes
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:xplodedthemes:wpide_-_file_manager_\&_code_editor:*:*:*:*:*:wordpress:*:*

Версия до 3.0 (исключая)

EPSS

Процентиль: 76%

0.00983

Низкий

4.9 Medium

CVSS3

Дефекты

CWE-22

CWE-22

Связанные уязвимости

GHSA-q7xv-26r5-c2h7

CVSS3: 4.9

github

больше 3 лет назад

Authenticated (admin+) Arbitrary File Read vulnerability in XplodedThemes WPide plugin <= 2.6 at WordPress.

EPSS

Процентиль: 76%

0.00983

Низкий

4.9 Medium

CVSS3

Дефекты

CWE-22

CWE-22