CVE-2022-2834

🗓️ 17 Oct 2022 00:00:00Reported by WPScanType

The Helpful WordPress plugin before 4.5.26 exposes sensitive information via publicly accessible logs and feedbacks

Reporter	Title	Published	Views	Family All 13
Circl	CVE-2022-2834	17 Oct 202216:13	–	circl
CNNVD	WordPress Plugin Helpful 信息泄露漏洞	17 Oct 202200:00	–	cnnvd
CNVD	WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. An information disclosure vulnerability exists in WordPress WP Cerber Security 9.0 and prior versions, which stems from incorrect validation of the value provided for the author parameter in the ~/cerber-load.php file. An attacker can exploit the vulnerability to launch a user enumeration attack.	19 Oct 202200:00	–	cnvd
Cvelist	CVE-2022-2834 Helpful < 4.5.26 - Information Disclosure	17 Oct 202200:00	–	cvelist
EUVD	EUVD-2022-35070	3 Oct 202520:07	–	euvd
NVD	CVE-2022-2834	17 Oct 202212:15	–	nvd
Patchstack	WordPress Helpful plugin <= 4.5.25 - Information Disclosure vulnerability	26 Sep 202200:00	–	patchstack
Prion	Information disclosure	17 Oct 202212:15	–	prion
Positive Technologies	PT-2022-18965 · WordPress · Helpful Wordpress Plugin	17 Oct 202200:00	–	ptsecurity
RedhatCVE	CVE-2022-2834	22 May 202521:54	–	redhatcve

NVD

Vulners

Node

helpful_project helpfulRange<4.5.26wordpress

[
  {
    "vendor": "Unknown",
    "product": "Helpful",
    "versions": [
      {
        "status": "affected",
        "versionType": "custom",
        "version": "0",
        "lessThan": "4.5.26"
      }
    ],
    "defaultStatus": "unaffected",
    "collectionURL": "https://wordpress.org/plugins"
  }
]

Source	Link
wpscan	www.wpscan.com/vulnerability/468d5fc7-04c6-4354-b134-85ebb25b37ae

13 May 2025 20:15Current

5Medium risk

Vulners AI Score5

CVSS 3.15.3

EPSS0.00477

SSVC

CWE-552