Lucene search
PatchstackCVELIST:CVE-2022-38140HistoryNov 28, 2022 - 7:55 p.m.
CVE-2022-38140 WordPress SEO Plugin by Squirrly SEO Plugin <= 12.1.10 is vulnerable to Arbitrary File Upload
2022-11-2819:55:02
CWE-434
Patchstack
www.cve.org
2
cve-2022-38140
arbitrary file upload
squirrly seo
CVSS3
7.6
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
HIGH
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:L
AI Score
8.9
Confidence
High
EPSS
0.001
Percentile
42.8%
Auth. (contributor+)ย Arbitrary File Upload inย SEO Plugin by Squirrly SEO plugin <=ย 12.1.10 on WordPress.
CNA Affected
[
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"product": "SEO Plugin by Squirrly SEO (WordPress plugin)",
"vendor": "Squirrly",
"versions": [
{
"changes": [
{
"at": "12.1.11",
"status": "unaffected"
}
],
"lessThanOrEqual": "12.1.10",
"status": "affected",
"version": "n/a",
"versionType": "custom"
}
]
}
]Related
wpvulndb
wpvulndb
SEO Plugin by Squirrly SEO < 12.1.11 - Contributor+ Arbitrary File Upload
2022-11-28 00:00:00
openvas
openvas
nvd
nvd
CVE-2022-38140
2022-11-28 20:15:16
prion
prion
Design/Logic Flaw
2022-11-28 20:15:00
cve
cve
CVE-2022-38140
2022-11-28 20:15:16
patchstack
patchstack
CVSS3
7.6
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
HIGH
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:L
AI Score
8.9
Confidence
High
EPSS
0.001
Percentile
42.8%
Related for CVELIST:CVE-2022-38140