exploitDog

CVE-2022-42698

Опубликовано: 18 нояб. 2022

Источник: nvd

CVSS3: 9.8

EPSS Низкий

Описание

Unauth. Arbitrary File Upload vulnerability in WordPress Api2Cart Bridge Connector plugin <= 1.1.0 on WordPress.

Ссылки

https://patchstack.com/database/vulnerability/api2cart-bridge-connector/wordpress-api2cart-bridge-connector-plugin-1-1-0-arbitrary-file-upload-vulnerability?_s_id=cve
Third Party Advisory
https://wordpress.org/plugins/api2cart-bridge-connector/#developers
Release Notes
Third Party Advisory
https://patchstack.com/database/vulnerability/api2cart-bridge-connector/wordpress-api2cart-bridge-connector-plugin-1-1-0-arbitrary-file-upload-vulnerability?_s_id=cve
Third Party Advisory
https://wordpress.org/plugins/api2cart-bridge-connector/#developers
Release Notes
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:api2cart:api2cart_bridge_connector:1.0.0:*:*:*:*:wordpress:*:*

cpe:2.3:a:api2cart:api2cart_bridge_connector:1.1.0:*:*:*:*:wordpress:*:*

EPSS

Процентиль: 74%

0.00798

Низкий

9.8 Critical

CVSS3

Дефекты

CWE-434

CWE-434

Связанные уязвимости

GHSA-ffh7-33x5-8fmc

CVSS3: 9.8

github

около 3 лет назад

Unauth. Arbitrary File Upload vulnerability in WordPress Api2Cart Bridge Connector plugin <= 1.1.0 on WordPress.

EPSS

Процентиль: 74%

0.00798

Низкий

9.8 Critical

CVSS3

Дефекты

CWE-434

CWE-434