Lucene search
WPScanCVELIST:CVE-2022-0593HistoryMar 14, 2022 - 2:41 p.m.
CVE-2022-0593 Login with phone number < 1.3.7 - Unauthenticated remote plugin deletion
2022-03-1414:41:36
CWE-73
WPScan
www.cve.org
1
cve-2022-0593
unauthenticated
remote deletion
wordpress plugin
EPSS
0.001
Percentile
36.6%
The Login with phone number WordPress plugin before 1.3.7 includes a file delete.php with no form of authentication or authorization checks placed in the plugin directory, allowing unauthenticated user to remotely delete the plugin files leading to a potential Denial of Service situation.
CNA Affected
[
{
"product": "Login with phone number",
"vendor": "Unknown",
"versions": [
{
"lessThan": "1.3.7",
"status": "affected",
"version": "1.3.7",
"versionType": "custom"
}
]
}
]Related
prion
prion
Authorization
2022-03-14 15:15:00
cve
cve
CVE-2022-0593
2022-03-14 15:15:10
nvd
nvd
CVE-2022-0593
2022-03-14 15:15:10
wpvulndb
wpvulndb
Login with phone number < 1.3.7 - Unauthenticated remote plugin deletion
2022-02-16 00:00:00
patchstack
patchstack
wpexploit
wpexploit
Login with phone number < 1.3.7 - Unauthenticated remote plugin deletion
2022-02-16 00:00:00