Lucene search
WPScanCVELIST:CVE-2022-0316HistoryJan 23, 2023 - 2:48 p.m.
CVE-2022-0316 Multiple themes - Unauthenticated Arbitrary File Upload
2023-01-2314:48:05
WPScan
www.cve.org
cve-2022-0316
unauthenticated
arbitrary file upload
wordpress themes
file upload validation
chimpstudio
pixfill
lang upload.
The WeStand WordPress theme before 2.1, footysquare WordPress theme, aidreform WordPress theme, statfort WordPress theme, club-theme WordPress theme, kingclub-theme WordPress theme, spikes WordPress theme, spikes-black WordPress theme, soundblast WordPress theme, bolster WordPress theme from ChimpStudio and PixFill does not have any authorisation and upload validation in the lang_upload.php file, allowing any unauthenticated attacker to upload arbitrary files to the web server.
CNA Affected
[
{
"vendor": "Unknown",
"product": "WeStand",
"versions": [
{
"status": "affected",
"versionType": "custom",
"version": "0",
"lessThan": "2.1"
}
],
"defaultStatus": "unaffected"
},
{
"vendor": "Unknown",
"product": "footysquare",
"versions": [
{
"status": "affected",
"versionType": "custom",
"version": "0",
"lessThanOrEqual": "*"
}
],
"defaultStatus": "affected"
},
{
"vendor": "Unknown",
"product": "aidreform",
"versions": [
{
"status": "affected",
"versionType": "custom",
"version": "0",
"lessThanOrEqual": "*"
}
],
"defaultStatus": "affected"
},
{
"vendor": "Unknown",
"product": "statfort",
"versions": [
{
"status": "affected",
"versionType": "custom",
"version": "0",
"lessThanOrEqual": "*"
}
],
"defaultStatus": "affected"
},
{
"vendor": "Unknown",
"product": "club-theme",
"versions": [
{
"status": "affected",
"versionType": "custom",
"version": "0",
"lessThanOrEqual": "*"
}
],
"defaultStatus": "affected"
},
{
"vendor": "Unknown",
"product": "kingclub-theme",
"versions": [
{
"status": "affected",
"versionType": "custom",
"version": "0",
"lessThanOrEqual": "*"
}
],
"defaultStatus": "affected"
},
{
"vendor": "Unknown",
"product": "spikes",
"versions": [
{
"status": "affected",
"versionType": "custom",
"version": "0",
"lessThanOrEqual": "*"
}
],
"defaultStatus": "affected"
},
{
"vendor": "Unknown",
"product": "spikes-black",
"versions": [
{
"status": "affected",
"versionType": "custom",
"version": "0",
"lessThanOrEqual": "*"
}
],
"defaultStatus": "affected"
},
{
"vendor": "Unknown",
"product": "soundblast",
"versions": [
{
"status": "affected",
"versionType": "custom",
"version": "0",
"lessThanOrEqual": "*"
}
],
"defaultStatus": "affected"
},
{
"vendor": "Unknown",
"product": "bolster",
"versions": [
{
"status": "affected",
"versionType": "custom",
"version": "0",
"lessThanOrEqual": "*"
}
],
"defaultStatus": "affected"
}
]Related
nvd
nvd
CVE-2022-0316
2023-01-23 15:15:13
cve
cve
CVE-2022-0316
2023-01-23 15:15:13
githubexploit
githubexploit
Exploit for CVE-2022-0316
2023-02-08 17:37:09
wpvulndb
wpvulndb
Multiple themes - Unauthenticated Arbitrary File Upload
2022-12-29 00:00:00
prion
prion
Design/Logic Flaw
2023-01-23 15:15:00
wpexploit
wpexploit
Multiple themes - Unauthenticated Arbitrary File Upload
2022-12-29 00:00:00