Lucene search
HistoryNov 18, 2022 - 7:15 p.m.
CVE-2022-38974
access control
wpml multilingual
wordpress
cve-2022-38974
vulnerability
CVSS3
4.3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
EPSS
0.001
Percentile
22.7%
Broken Access Control vulnerability in WPML Multilingual CMS premium plugin <= 4.5.10 on WordPress allows users with subscriber or higher user roles to change the status of the translation jobs.
Affected configurations
Node
wpmlwpmlRange≤4.5.10wordpress
Related
prion
prion
Improper access control
2022-11-18 19:15:00
patchstack
patchstack
wpvulndb
wpvulndb
WPML < 4.5.11 - Subscriber+ Translation Job Status Update
2022-11-09 00:00:00
cvelist
cvelist
cnvd
cnvd
cve
cve
CVE-2022-38974
2022-11-18 19:15:29
CVSS3
4.3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
EPSS
0.001
Percentile
22.7%
Related for NVD:CVE-2022-38974