Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
prionPRIOn knowledge basePRION:CVE-2022-2594
HistoryAug 22, 2022 - 3:15 p.m.

Design/Logic Flaw

2022-08-2215:15:00
PRIOn knowledge base
www.prio-n.com
32
vulnerability
unauthenticated users
file uploads
wordpress plugin

8.6 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

60.1%

JSON

The Advanced Custom Fields WordPress plugin before 5.12.3, Advanced Custom Fields Pro WordPress plugin before 5.12.3 allows unauthenticated users to upload files allowed in a default WP configuration (so PHP is not possible) if there is a frontend form available. This vulnerability was introduced in the 5.0 rewrite and did not exist prior to that release.

Related

openvas 2
wpvulndb 1
cve 1
wpexploit 1
patchstack 2
nvd 1
cvelist 1
openvas
openvas
WordPress Advanced Custom Fields Plugin 5.x < 5.12.3 File Upload Vulnerability
2022-08-25 00:00:00
WordPress Advanced Custom Fields Pro Plugin 5.x < 5.12.3 File Upload Vulnerability
2022-08-25 00:00:00
wpvulndb
wpvulndb
Advanced Custom Fields 5.0-5.12.2 - Unauthenticated File Upload
2022-08-01 00:00:00
cve
cve
CVE-2022-2594
2022-08-22 15:15:15
wpexploit
wpexploit
Advanced Custom Fields 5.0-5.12.2 - Unauthenticated File Upload
2022-08-01 00:00:00
patchstack
patchstack
WordPress Advanced Custom Fields plugin <= 5.12.2 - Unauthenticated File Upload vulnerability
2022-08-01 00:00:00
WordPress Advanced Custom Fields PRO premium plugin <= 5.12.2 - Unauthenticated File Upload vulnerability
2022-08-01 00:00:00
nvd
nvd
CVE-2022-2594
2022-08-22 15:15:15
cvelist
cvelist
CVE-2022-2594 Advanced Custom Fields 5.0-5.12.2 - Unauthenticated File Upload
2022-08-22 15:05:03

8.6 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

60.1%

JSON
Related for PRION:CVE-2022-2594
openvas2wpvulndb1cve1wpexploit1patchstack2nvd1cvelist1