CVE-2022-0236

🗓️ 18 Jan 2022 16:52:22Reported by WordfenceType

WP Import Export WordPress plugin unauthenticated sensitive data disclosur

Reporter	Title	Published	Views	Family All 12
GithubExploit	Exploit for Missing Authorization in Vjinfotech Wp_Import_Export	16 Jan 202209:52	–	githubexploit
Circl	CVE-2022-0236	18 Jan 202220:25	–	circl
CNNVD	WordPress 安全漏洞	18 Jan 202200:00	–	cnnvd
Cvelist	CVE-2022-0236 WP Import Export (Lite) <= 3.9.15 Unauthenticated Sensitive Data Disclosure	18 Jan 202216:52	–	cvelist
NVD	CVE-2022-0236	18 Jan 202217:15	–	nvd
OSV	CVE-2022-0236	18 Jan 202217:15	–	osv
Patchstack	WordPress WP Import Export Lite plugin <= 3.9.15 - Unauthenticated Sensitive Data Disclosure vulnerability	14 Jan 202200:00	–	patchstack
Patchstack	WordPress WP Import Export premium plugin <= 3.9.15 - Unauthenticated Sensitive Data Disclosure vulnerability	14 Jan 202200:00	–	patchstack
Prion	Design/Logic Flaw	18 Jan 202217:15	–	prion
RedhatCVE	CVE-2022-0236	9 Jan 202608:41	–	redhatcve

NVD

Vulners

Node

vjinfotech wp_import_exportRange≤3.9.15wordpress

vjinfotech wp_import_export_liteRange≤3.9.15wordpress

[
  {
    "product": "WP Import Export",
    "vendor": "vjinfotech",
    "versions": [
      {
        "lessThanOrEqual": "3.9.15",
        "status": "affected",
        "version": "3.9.15",
        "versionType": "custom"
      }
    ]
  },
  {
    "product": "WP Import Export Lite",
    "vendor": "vjinfotech",
    "versions": [
      {
        "lessThanOrEqual": "3.9.15",
        "status": "affected",
        "version": "3.9.15",
        "versionType": "custom"
      }
    ]
  }
]

Source	Link
plugins	www.plugins.trac.wordpress.org/changeset/2649762/wp-import-export-lite/trunk/includes/classes/class-wpie-general.php
wordfence	www.wordfence.com/vulnerability-advisories/
github	www.github.com/qurbat/CVE-2022-0236

21 Nov 2024 06:38Current

7.3High risk

Vulners AI Score7.3

CVSS 25

CVSS 3.17.5

EPSS0.3739

SSVC

CWE-862