exploitDog

CVE-2022-4061

Опубликовано: 19 дек. 2022

Источник: nvd

CVSS3: 7.5

EPSS Средний

Описание

The JobBoardWP WordPress plugin before 1.2.2 does not properly validate file names and types in its file upload functionalities, allowing unauthenticated users to upload arbitrary files such as PHP.

Ссылки

https://wpscan.com/vulnerability/fec68e6e-f612-43c8-8301-80f7ae3be665
Exploit
Third Party Advisory
https://wpscan.com/vulnerability/fec68e6e-f612-43c8-8301-80f7ae3be665
Exploit
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:ultimatemember:jobboardwp:*:*:*:*:*:wordpress:*:*

Версия до 1.2.2 (исключая)

EPSS

Процентиль: 96%

0.22249

Средний

7.5 High

CVSS3

Дефекты

Связанные уязвимости

GHSA-3459-2j34-8x8g

CVSS3: 7.5

github

около 3 лет назад

The JobBoardWP WordPress plugin before 1.2.2 does not properly validate file names and types in its file upload functionalities, allowing unauthenticated users to upload arbitrary files such as PHP.

EPSS

Процентиль: 96%

0.22249

Средний

7.5 High

CVSS3

Дефекты