Lucene search
WPScanCVELIST:CVE-2022-3416HistoryJan 09, 2023 - 10:13 p.m.
CVE-2022-3416 WPtouch < 4.3.45 - Admin+ Arbitrary File Upload
2023-01-0922:13:28
WPScan
www.cve.org
cve-2022-3416
wptouch
arbitrary file upload
admin
multisite
The WPtouch WordPress plugin before 4.3.45 does not properly validate images to be uploaded, allowing high privilege users such as admin to upload arbitrary files on the server even when they should not be allowed to (for example in multisite setup)
CNA Affected
[
{
"vendor": "Unknown",
"product": "WPtouch",
"versions": [
{
"status": "affected",
"versionType": "custom",
"version": "0",
"lessThan": "4.3.45"
}
],
"defaultStatus": "unaffected",
"collectionURL": "https://wordpress.org/plugins"
}
]Related
nvd
nvd
CVE-2022-3416
2023-01-09 23:15:26
prion
prion
Design/Logic Flaw
2023-01-09 23:15:00
cve
cve
CVE-2022-3416
2023-01-09 23:15:26
openvas
openvas
WordPress WPtouch Plugin < 4.3.45 Multiple Vulnerabilities
2023-04-20 00:00:00
fedora
fedora
[SECURITY] Fedora 35 Update: java-11-openjdk-11.0.16.0.8-1.fc35
2022-08-03 01:49:35
[SECURITY] Fedora 35 Update: java-1.8.0-openjdk-1.8.0.342.b07-1.fc35
2022-08-03 01:49:40
[SECURITY] Fedora 36 Update: java-1.8.0-openjdk-1.8.0.342.b07-1.fc36
2022-08-03 01:27:52