CVE-2022-0440

🗓️ 07 Mar 2022 08:16:42Reported by WPScanType

cve🔗 web.nvd.nist.gov👁 90 Views🌐 WEB

The Catch Themes Demo Import WordPress plugin before 2.1.1 allows high privilege admin to upload arbitrary PHP file

Reporter	Title	Published	Views	Family All 9
CNNVD	WordPress plugin Catch Themes Demo Import 代码问题漏洞	7 Mar 202200:00	–	cnnvd
Cvelist	CVE-2022-0440 Catch Themes Demo Import < 2.1.1 - Admin+ Remote Code Execution	7 Mar 202208:16	–	cvelist
EUVD	EUVD-2022-15579	3 Oct 202520:07	–	euvd
NVD	CVE-2022-0440	7 Mar 202209:15	–	nvd
OSV	CVE-2022-0440	7 Mar 202209:15	–	osv
Prion	Design/Logic Flaw	7 Mar 202209:15	–	prion
RedhatCVE	CVE-2022-0440	9 Jan 202610:45	–	redhatcve
wpexploit	Catch Themes Demo Import < 2.1.1 - Admin+ Remote Code Execution	7 Feb 202200:00	–	wpexploit
WPVulnDB	Catch Themes Demo Import < 2.1.1 - Admin+ Remote Code Execution	7 Feb 202200:00	–	wpvulndb

NVD

Vulners

Node

catchplugins catch_themes_demo_importRange<2.1.1wordpress

[
  {
    "product": "Catch Themes Demo Import",
    "vendor": "Unknown",
    "versions": [
      {
        "lessThan": "2.1.1",
        "status": "affected",
        "version": "2.1.1",
        "versionType": "custom"
      }
    ]
  }
]

Source	Link
wpscan	www.wpscan.com/vulnerability/2239095f-8a66-4a5d-ab49-1662a40fddf1

Parameter	Position	Path	Description	CWE
widget_file	binary	/wp-admin/admin-ajax.php	Arbitrary file upload via admin-ajax.php during demo import, enabling PHP file upload and potential RCE.	CWE-434
redux_file	binary	/wp-admin/admin-ajax.php	Arbitrary file upload via admin-ajax.php during demo import, enabling PHP file upload and potential RCE.	CWE-434
qerogram	path	/wp-content/uploads/{year}/{month}/{FileName}.php	Access to uploaded PHP payload enabling RCE through query parameter execution.	CWE-434

21 Nov 2024 06:38Current

7.2High risk

Vulners AI Score7.2

CVSS 26.5

CVSS 3.17.2

EPSS0.00875

CWE-434