Lucene search
K

CVE-2022-2356

šŸ—“ļøĀ 08 Aug 2022Ā 13:46:51Reported byĀ WPScanTypeĀ 
cve
Ā cve
šŸ”—Ā web.nvd.nist.govšŸ“°ļøĀ 2Ā Media mentionsšŸ‘Ā 62Ā Views🌐 WEB

The Frontend File Manager & Sharing WordPress plugin before 1.1.3 allows unrestricted file uploads

Related
Detection
Affected
Refs
Paths
Social
ReporterTitlePublishedViews
Family
ATTACKERKB
CVE-2022-2356
8 Aug 202214:15
–attackerkb
Circl
CVE-2022-2356
8 Aug 202218:23
–circl
CNNVD
WordPress Plugin Frontend File Manager & Sharing ä»£ē é—®é¢˜ę¼ę“ž
8 Aug 202200:00
–cnnvd
Cvelist
CVE-2022-2356 User Private Files < 1.1.3 - Subscriber+ Arbitrary File Upload
8 Aug 202213:46
–cvelist
EUVD
EUVD-2022-34624
3 Oct 202520:07
–euvd
NVD
CVE-2022-2356
8 Aug 202214:15
–nvd
OSV
CVE-2022-2356
8 Aug 202214:15
–osv
Patchstack
WordPress User Private Files plugin <= 1.1.2 - Authenticated Arbitrary File Upload vulnerability
12 Jul 202200:00
–patchstack
Prion
Code injection
8 Aug 202214:15
–prion
Positive Technologies
PT-2022-16075
8 Aug 202200:00
–ptsecurity
Rows per page
NVD
Vulners
Node
mediajediuser_private_filesRange<1.1.3wordpress
[
  {
    "product": "Frontend File Manager & Sharing – User Private Files",
    "vendor": "Unknown",
    "versions": [
      {
        "lessThan": "1.1.3",
        "status": "affected",
        "version": "1.1.3",
        "versionType": "custom"
      }
    ]
  }
]
ParameterPositionPathDescriptionCWE
docfilerequest bodywp-admin/admin-ajax.phpUnrestricted file upload vulnerability via admin-ajax endpoint allows uploading PHP with crafted payload.CWE-434
docextrequest bodywp-admin/admin-ajax.phpUnrestricted file upload vulnerability via admin-ajax endpoint allows uploading PHP with crafted payload.CWE-434
doc_typerequest bodywp-admin/admin-ajax.phpUnrestricted file upload vulnerability via admin-ajax endpoint allows uploading PHP with crafted payload.CWE-434
actionrequest bodywp-admin/admin-ajax.phpUnrestricted file upload vulnerability via admin-ajax endpoint allows uploading PHP with crafted payload.CWE-434
upf_noncerequest bodywp-admin/admin-ajax.phpUnrestricted file upload vulnerability via admin-ajax endpoint allows uploading PHP with crafted payload.CWE-434

Data

Build on a solid foundation withĀ Vulners data

WeĀ provide theĀ essential building blocks forĀ cybersecurity solutions withĀ comprehensive, structured, andĀ constantly updated vulnerability andĀ exploits data

Api

Power your application withĀ Vulners API

The Vulners REST API offers reliable, high-performance access toĀ vulnerabilityĀ intelligence, withĀ 99.9%Ā SLAĀ uptime andĀ CDN-backed data delivery forĀ seamlessĀ global access

App

Assess and manage vulnerabilities withĀ VulnersĀ tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

23 Jun 2026 16:16Current
8.8High risk
Vulners AI Score8.8
CVSS 3.16.5 - 8.8
EPSS0.0078
SSVC
62