Lucene search
PRIOn knowledge basePRION:CVE-2022-4063HistoryDec 19, 2022 - 2:15 p.m.
Design/Logic Flaw
2022-12-1914:15:00
PRIOn knowledge base
www.prio-n.com
6
inpost gallery
wordpress plugin
php extract function
html views
malicious files
urls
code execution
security vulnerability
The InPost Gallery WordPress plugin before 2.1.4.1 insecurely uses PHP’s extract() function when rendering HTML views, allowing attackers to force the inclusion of malicious files & URLs, which may enable them to run code on servers.
| CPE | Name | Operator | Version |
|---|---|---|---|
| inpost_gallery | lt | 2.1.4.1 |
Related
nuclei
nuclei
WordPress InPost Gallery <2.1.4.1 - Local File Inclusion
2023-03-05 13:42:10
nvd
nvd
CVE-2022-4063
2022-12-19 14:15:12
cvelist
cvelist
CVE-2022-4063 InPost Gallery < 2.1.4.1 - Unauthenticated LFI to RCE
2022-12-19 13:41:37
cve
cve
CVE-2022-4063
2022-12-19 14:15:12
wpvulndb
wpvulndb
InPost Gallery < 2.1.4.1 - Unauthenticated LFI to RCE
2022-11-28 00:00:00
wpexploit
wpexploit
InPost Gallery < 2.1.4.1 - Unauthenticated LFI to RCE
2022-11-28 00:00:00