Vulners
Lucene search
CVE-2022-1952
šļøĀ 11 Jul 2022Ā 12:56:52Reported byĀ WPScanTypeĀ 
Ā cvešĀ web.nvd.nist.govš°ļøĀ 2Ā Media mentionsšĀ 86Ā Viewsš WEB
| Reporter | Title | Published | Views | Family All 15 |
|---|---|---|---|---|
 | CVE-2022-1952 | 11 Jul 202213:15 | ā | attackerkb |
 | CVE-2022-1952 | 30 Jun 202209:48 | ā | circl |
 | WordPress plugin Free Booking Plugin for Hotels, Restaurant and Car Rental 代ē é®é¢ę¼ę“ | 11 Jul 202200:00 | ā | cnnvd |
 | WordPress Hotels/Restaurant/Car Rental Free Booking plugin Arbitrary File Upload Vulnerability | 13 Jul 202200:00 | ā | cnvd |
 | CVE-2022-1952 eaSYNC < 1.1.16 - Unauthenticated Arbitrary File Upload | 11 Jul 202212:56 | ā | cvelist |
 | WordPress eaSYNC Booking <1.1.16 - Arbitrary File Upload | 29 May 202603:59 | ā | nuclei |
 | CVE-2022-1952 | 11 Jul 202213:15 | ā | nvd |
 | CVE-2022-1952 | 11 Jul 202213:15 | ā | osv |
 | WordPress eaSYNC plugin <= 1.1.15 - Unauthenticated Arbitrary File Upload vulnerability | 15 Jun 202200:00 | ā | patchstack |
 | Input validation | 11 Jul 202213:15 | ā | prion |
10
Node
[
{
"product": "Free Booking Plugin for Hotels, Restaurant and Car Rental ā eaSYNC",
"vendor": "Unknown",
"versions": [
{
"lessThan": "1.1.16",
"status": "affected",
"version": "1.1.16",
"versionType": "custom"
}
]
}
]| Parameter | Position | Path | Description | CWE |
|---|---|---|---|---|
| action | upload data | wp-admin/admin-ajax.php | Unauthenticated AJAX action enables arbitrary file upload due to insufficient input validation. | CWE-434 |
| type | upload data | wp-admin/admin-ajax.php | Unauthenticated AJAX action enables arbitrary file upload due to insufficient input validation. | CWE-434 |
| with_driver | upload data | wp-admin/admin-ajax.php | Unauthenticated AJAX action enables arbitrary file upload due to insufficient input validation. | CWE-434 |
| driver_license_image2 | upload data | wp-admin/admin-ajax.php | Unauthenticated AJAX action enables arbitrary file upload due to insufficient input validation. | CWE-434 |
| driver_license_image2 | path | wp-content/uploads/cff7779bf2268f97c011ece9fd4c9ab0.php | Uploaded PHP shell location obtainable after arbitrary file upload and can be triggered to achieve remote code execution. | CWE-434 |
| id | path | wp-content/uploads/cff7779bf2268f97c011ece9fd4c9ab0.php | Uploaded PHP shell location obtainable after arbitrary file upload and can be triggered to achieve remote code execution. | CWE-434 |
Data
Build on a solid foundation withĀ Vulners data
WeĀ provide theĀ essential building blocks forĀ cybersecurity solutions withĀ comprehensive, structured, andĀ constantly updated vulnerability andĀ exploits data
Api
Power your application withĀ Vulners API
The Vulners REST API offers reliable, high-performance access toĀ vulnerabilityĀ intelligence, withĀ 99.9%Ā SLAĀ uptime andĀ CDN-backed data delivery forĀ seamlessĀ global access
App
Assess and manage vulnerabilities withĀ VulnersĀ tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation
23 Jan 2026 19:32Current
10High risk
Vulners AI Score10
CVSS 27.5
CVSS 3.19.8
EPSS0.85897