Lucene search

PatchstackCVELIST:CVE-2022-33969

HistoryJul 25, 2022 - 5:45 p.m.

CVE-2022-33969 WordPress Flipbox plugin <= 2.6.0 - Authenticated WordPress Options Change vulnerability

2022-07-2517:45:56

CWE-264

Patchstack

www.cve.org

wordpress

authenticated

options change

flipbox plugin

cve-2022-33969

CVSS3

7.2

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

EPSS

0.001

Percentile

38.1%

JSON

Authenticated WordPress Options Change vulnerability in Biplob Adhikari’s Flipbox plugin <= 2.6.0 at WordPress.

CNA Affected

[
  {
    "product": "Flipbox (WordPress plugin)",
    "vendor": "Biplob Adhikari",
    "versions": [
      {
        "lessThanOrEqual": "2.6.1",
        "status": "affected",
        "version": "<= 2.6.0",
        "versionType": "custom"
      }
    ]
  }
]

References

patchstack.com/database/vulnerability/image-hover-effects-ultimate-visual-composer/wordpress-flipbox-plugin-2-6-0-authenticated-wordpress-options-change-vulnerability

plugins.trac.wordpress.org/changeset/2648808

CVSS3

7.2

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

EPSS

0.001

Percentile

38.1%

JSON

Related for CVELIST:CVE-2022-33969