Lucene search

[email protected]NVD:CVE-2022-45852

HistoryApr 24, 2024 - 11:15 a.m.

CVE-2022-45852

2024-04-2411:15:46

CWE-22

[email protected]

web.nvd.nist.gov

cve-2022-45852

improper limitation

path traversal

drew buschhorn

CVSS3

6.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

EPSS

Percentile

10.5%

JSON

Improper Limitation of a Pathname to a Restricted Directory (‘Path Traversal’) vulnerability in FormAssembly / Drew Buschhorn WP-FormAssembly allows Path Traversal.This issue affects WP-FormAssembly: from n/a through 2.0.5.

References

patchstack.com/database/vulnerability/formassembly-web-forms/wordpress-wp-formassembly-plugin-2-0-5-auth-arbitrary-file-read-vulnerability?_s_id=cve

CVSS3

6.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

EPSS

Percentile

10.5%

JSON

Related for NVD:CVE-2022-45852

cvelist1 cve1 patchstack1 vulnrichment1