Lucene search
China National Vulnerability DatabaseCNVD-2022-57433HistoryMay 18, 2022 - 12:00 a.m.
WordPress Fusion Builders plugin access control error vulnerability
2022-05-1800:00:00
China National Vulnerability Database
www.cnvd.org.cn
27
0.222 Low
EPSS
Percentile
96.5%
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin. WordPress Fusion Builders plugin versions prior to 3.6.2 contain an access control error vulnerability that stems from failure to validate parameters of arbitrary HTTP requests, which could be exploited by an attacker to bypass firewalls and access control measures to interact with hosts on the server’s local network.
| CPE | Name | Operator | Version |
|---|---|---|---|
| wordpress fusion builders plugin | lt | 3.6.2 |
Related
cve
cve
CVE-2022-1386
2022-05-16 15:15:09
nuclei
nuclei
WordPress Fusion Builder <3.6.2 - Server-Side Request Forgery
2022-07-23 13:38:58
patchstack
patchstack
prion
prion
Session fixation
2022-05-16 15:15:00
cvelist
cvelist
CVE-2022-1386 Fusion Builder < 3.6.2 - Unauthenticated SSRF
2022-05-16 14:30:50
githubexploit
githubexploit
nvd
nvd
CVE-2022-1386
2022-05-16 15:15:09
wpexploit
wpexploit
Fusion Builder < 3.6.2 - Unauthenticated SSRF
2022-04-19 00:00:00
wpvulndb
wpvulndb
Fusion Builder < 3.6.2 - Unauthenticated SSRF
2022-04-19 00:00:00