Lucene search
HistoryNov 28, 2022 - 8:15 p.m.
CVE-2022-38140
cve-2022-38140
arbitrary file upload
seo plugin
squirrly seo
wordpress
CVSS3
8.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
AI Score
8.7
Confidence
High
EPSS
0.001
Percentile
42.8%
Auth. (contributor+)ย Arbitrary File Upload inย SEO Plugin by Squirrly SEO plugin <=ย 12.1.10 on WordPress.
Affected configurations
Node
squirrlyseo_plugin_by_squirrly_seoRangeโค12.1.10
| Vendor | Product | Version | CPE |
|---|---|---|---|
| squirrly | seo_plugin_by_squirrly_seo | * | cpe:2.3:a:squirrly:seo_plugin_by_squirrly_seo:*:*:*:*:*:*:*:* |
CNA Affected
[
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"product": "SEO Plugin by Squirrly SEO (WordPress plugin)",
"vendor": "Squirrly",
"versions": [
{
"changes": [
{
"at": "12.1.11",
"status": "unaffected"
}
],
"lessThanOrEqual": "12.1.10",
"status": "affected",
"version": "n/a",
"versionType": "custom"
}
]
}
]Social References
More
Related
prion
prion
Design/Logic Flaw
2022-11-28 20:15:00
nvd
nvd
CVE-2022-38140
2022-11-28 20:15:16
wpvulndb
wpvulndb
SEO Plugin by Squirrly SEO < 12.1.11 - Contributor+ Arbitrary File Upload
2022-11-28 00:00:00
openvas
openvas
patchstack
patchstack
cvelist
cvelist
CVSS3
8.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
AI Score
8.7
Confidence
High
EPSS
0.001
Percentile
42.8%
Related for CVE-2022-38140