Lucene search
China National Vulnerability DatabaseCNVD-2022-58435HistoryApr 07, 2022 - 12:00 a.m.
WordPress MapPress Maps plugin authorization problem vulnerability
2022-04-0700:00:00
China National Vulnerability Database
www.cnvd.org.cn
16
wordpress
mappress maps
plugin
authorization
vulnerability
authentication
network system
product
attacker
privileges
disallow_file_edit
disallow_file_mods
ajax_save function
EPSS
0.001
Percentile
42.0%
WordPress is the Wordpress Foundation’s set of blogging platform developed using the PHP language. WordPress plugin is a WordPress open source application plugin. WordPress MapPress Maps plugin has an authorization problem vulnerability that stems from a lack of authentication measures or insufficient authentication strength in the network system or product . An attacker with high privileges can use this vulnerability to bypass the DISALLOW_FILE_EDIT and DISALLOW_FILE_MODS settings and upload arbitrary files to the website via the ajax_save function.
Related
wpexploit
wpexploit
cve
cve
CVE-2022-0537
2022-04-04 16:15:09
wpvulndb
wpvulndb
cvelist
cvelist
patchstack
patchstack
prion
prion
Design/Logic Flaw
2022-04-04 16:15:00
nvd
nvd
CVE-2022-0537
2022-04-04 16:15:09