Lucene search

WPScanCVE-2022-0779

HistoryJun 08, 2022 - 10:15 a.m.

CVE-2022-0779

2022-06-0810:15:09

CWE-22

WPScan

web.nvd.nist.gov

cve-2022-0779

user meta wordpress plugin

filepath parameter

validation

vulnerability

nvd

security

wordpress

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:S/C:P/I:N/A:N

CVSS3

6.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

EPSS

0.001

Percentile

37.4%

JSON

The User Meta WordPress plugin before 2.4.4 does not validate the filepath parameter of its um_show_uploaded_file AJAX action, which could allow low privileged users such as subscriber to enumerate the local files on the web server via path traversal payloads

Affected configurations

Nvd

Vulners

Node

user-metauser_meta_user_profile_builder_and_user_managementRange<2.4.4wordpress

VendorProductVersionCPE
user-metauser_meta_user_profile_builder_and_user_management*cpe:2.3:a:user-meta:user_meta_user_profile_builder_and_user_management:*:*:*:*:*:wordpress:*:*

Vendor	Product	Version	CPE
user-meta	user_meta_user_profile_builder_and_user_management	*	cpe:2.3:a:user-meta:user_meta_user_profile_builder_and_user_management::::::wordpress::*

CNA Affected

[
  {
    "product": "User Meta – User Profile Builder and User management plugin",
    "vendor": "Unknown",
    "versions": [
      {
        "lessThan": "2.4.4",
        "status": "affected",
        "version": "2.4.4",
        "versionType": "custom"
      }
    ]
  }
]