Lucene search

[email protected]NVD:CVE-2022-38061

HistorySep 23, 2022 - 3:15 p.m.

CVE-2022-38061

2022-09-2315:15:13

CWE-1236

[email protected]

web.nvd.nist.gov

authenticated

export post info plugin

cve-2022-38061

wordpress

security vulnerability

5.7 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:N

0.001 Low

EPSS

Percentile

22.7%

JSON

Authenticated (author+) CSV Injection vulnerability in Export Post Info plugin <= 1.2.0 at WordPress.

Affected configurations

NVD

Node

apasionadosexport_post_infoRange≤1.2.0wordpress

References

patchstack.com/database/vulnerability/export-post-info/wordpress-export-post-info-plugin-1-2-0-authenticated-csv-injection-vulnerability/_s_id=cve

wordpress.org/plugins/export-post-info/#developers

5.7 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:N

0.001 Low

EPSS

Percentile

22.7%

JSON

Related for NVD:CVE-2022-38061

cve1 prion1 patchstack1 cvelist1