Lucene search

K
patchstackRezadutyPATCHSTACK:76B3093C84672988804E06E514471751
HistoryApr 28, 2023 - 12:00 a.m.

WordPress Bit File Manager Plugin <= 5.2.7 is vulnerable to PHP Object Injection

2023-04-2800:00:00
rezaduty
patchstack.com
1
wordpress
bit file manager
plugin
php object injection
cve-2022-47599
low severity

CVSS3

7.2

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

AI Score

7.2

Confidence

Low

Software

Bit File Manager

Type

Plugin

Vulnerable versions

<= 5.2.7

Fixed in

6.0.0

OWASP Top 10

A1: Injection

Classification

PHP Object Injection

CVE

CVE-2022-47599

Patch priority

Low

CVSS severity

Low (5.5)

Developer

Claim ownership

PSID

73c858fcfca7

Credits

rezaduty rezaduty

Required privilege

Administrator

Published

28 April, 2023

Remove and replace plugin Expand full details Have additional information or questions about this entry? Let us know.

Solution

This security issue has a low severity impact and is unlikely to be exploited.

Affected configurations

Vulners
Node
file_manager_by_bit_form_teambit_file_managerRange5.2.7
VendorProductVersionCPE
file_manager_by_bit_form_teambit_file_manager*cpe:2.3:a:file_manager_by_bit_form_team:bit_file_manager:*:*:*:*:*:*:*:*

CVSS3

7.2

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

AI Score

7.2

Confidence

Low

Related for PATCHSTACK:76B3093C84672988804E06E514471751