Lucene search
PatchstackCVE-2022-33900HistoryAug 22, 2022 - 3:15 p.m.
CVE-2022-33900
2022-08-2215:15:15
CWE-502
Patchstack
web.nvd.nist.gov
45
4
cve-2022-33900
php
object injection
easy digital downloads
wordpress
nvd
CVSS3
7.2
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
EPSS
0.001
Percentile
42.8%
PHP Object Injection vulnerability in Easy Digital Downloads plugin <= 3.0.1 at WordPress.
Affected configurations
Node
sandhillsdeveasy_digital_downloadsRange≤3.0.1wordpress
| Vendor | Product | Version | CPE |
|---|---|---|---|
| sandhillsdev | easy_digital_downloads | * | cpe:2.3:a:sandhillsdev:easy_digital_downloads:*:*:*:*:*:wordpress:*:* |
CNA Affected
[
{
"product": "Easy Digital Downloads",
"vendor": "Easy Digital Downloads",
"versions": [
{
"lessThanOrEqual": "3.0.1",
"status": "affected",
"version": "<= 3.0.1",
"versionType": "custom"
}
]
}
]References
Social References
More
Related
patchstack
patchstack
prion
prion
Design/Logic Flaw
2022-08-22 15:15:00
nvd
nvd
CVE-2022-33900
2022-08-22 15:15:15
cvelist
cvelist
wpvulndb
wpvulndb
Easy Digital Downloads < 3.0.2 - Admin+ PHP Object Injection
2022-08-10 00:00:00
CVSS3
7.2
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
EPSS
0.001
Percentile
42.8%
Related for CVE-2022-33900