Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cvelistWPScanCVELIST:CVE-2022-1008
HistoryApr 11, 2022 - 2:41 p.m.

CVE-2022-1008 One Click Demo Import < 3.1.0 - Admin+ Arbitrary File Upload

2022-04-1114:41:07
CWE-434
WPScan
www.cve.org

0.001 Low

EPSS

Percentile

41.2%

JSON

The One Click Demo Import WordPress plugin before 3.1.0 does not validate the imported file, allowing high privilege users such as admin to upload arbitrary files (such as PHP) even when FILE_MODS and FILE_EDIT are disallowed

CNA Affected

[
  {
    "product": "One Click Demo Import",
    "vendor": "Unknown",
    "versions": [
      {
        "lessThan": "3.1.0",
        "status": "affected",
        "version": "3.1.0",
        "versionType": "custom"
      }
    ]
  }
]

Related

wpexploit 1
openvas 1
patchstack 1
nvd 1
cve 1
wpvulndb 1
prion 1
wpexploit
wpexploit
One Click Demo Import < 3.1.0 - Admin+ Arbitrary File Upload
2022-03-21 00:00:00
openvas
openvas
WordPress One Click Demo Import Plugin < 3.1.0 Arbitrary File Upload Vulnerability
2023-04-25 00:00:00
patchstack
patchstack
WordPress One Click Demo Import plugin <= 3.0.2 - Arbitrary File Upload vulnerability
2022-03-21 00:00:00
nvd
nvd
CVE-2022-1008
2022-04-11 15:15:09
cve
cve
CVE-2022-1008
2022-04-11 15:15:09
wpvulndb
wpvulndb
One Click Demo Import < 3.1.0 - Admin+ Arbitrary File Upload
2022-03-21 00:00:00
prion
prion
Design/Logic Flaw
2022-04-11 15:15:00

0.001 Low

EPSS

Percentile

41.2%

JSON
Related for CVELIST:CVE-2022-1008
wpexploit1openvas1patchstack1nvd1cve1wpvulndb1prion1