Lucene search

[email protected]NVD:CVE-2022-40130

HistoryNov 18, 2022 - 11:15 p.m.

CVE-2022-40130

2022-11-1823:15:20

CWE-362

[email protected]

web.nvd.nist.gov

cve-2022-40130

authentication

subscriber+

race condition

wp-polls plugin

wordpress

CVSS3

3.1

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N

EPSS

0.001

Percentile

19.4%

JSON

Auth. (subscriber+) Race Condition vulnerability in WP-Polls plugin <= 2.76.0 on WordPress.

Affected configurations

Nvd

Node

wp-polls_projectwp-pollsRange<2.77.0wordpress

VendorProductVersionCPE
wp-polls_projectwp-polls*cpe:2.3:a:wp-polls_project:wp-polls:*:*:*:*:*:wordpress:*:*

Vendor	Product	Version	CPE
wp-polls_project	wp-polls	*	cpe:2.3:a:wp-polls_project:wp-polls::::::wordpress::*

References

patchstack.com/database/vulnerability/wp-polls/wordpress-wp-polls-plugin-2-76-0-race-condition-vulnerability?_s_id=cve

wordpress.org/plugins/wp-polls/#developers

CVSS3

3.1

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N

EPSS

0.001

Percentile

19.4%

JSON

Related for NVD:CVE-2022-40130

wpvulndb1 patchstack1 prion1 cvelist1 cve1