Lucene search
WPScanCVELIST:CVE-2022-4109HistoryJan 02, 2023 - 9:49 p.m.
CVE-2022-4109 Wholesale Market for WooCommerce < 2.0.0 - Admin+ Arbitrary Log Download
2023-01-0221:49:31
WPScan
www.cve.org
cve-2022-4109
wholesale market
woocommerce
admin
arbitrary log download
path traversal
multisite
The Wholesale Market for WooCommerce WordPress plugin before 2.0.0 does not validate user input against path traversal attacks, allowing high privilege users such as admin to download arbitrary logs from the server even when they should not be able to (for example in multisite)
CNA Affected
[
{
"vendor": "Unknown",
"product": "Wholesale Market for WooCommerce",
"versions": [
{
"status": "affected",
"versionType": "custom",
"version": "0",
"lessThan": "2.0.0"
}
],
"defaultStatus": "unaffected"
}
]Related
nvd
nvd
CVE-2022-4109
2023-01-02 22:15:16
cve
cve
CVE-2022-4109
2023-01-02 22:15:16
wpexploit
wpexploit
Wholesale Market for WooCommerce < 2.0.0 - Admin+ Arbitrary Log Download
2022-12-12 00:00:00
wpvulndb
wpvulndb
Wholesale Market for WooCommerce < 2.0.0 - Admin+ Arbitrary Log Download
2022-12-12 00:00:00
prion
prion
Path traversal
2023-01-02 22:15:00