3 matches found
CVE-2022-4031
creationtimestamp| type| source ---|---|--- 2022-11-30 00:29:35+00:00| seen| https://t.me/cibsecurity/53679...
CVE-2022-4031
The CVE-2022-4031 entry concerns the Simple:Press WordPress plugin (versions up to and including 6.8) and describes an arbitrary file modification vulnerability via the file parameter, where an attacker with high privileges (e.g., admin) can supply filesystem paths to modify files outside the int...
CVE-2022-4031 Simple:Press <= 6.8 - Authenticated (Admin+) Path Traversal to Arbitrary File Modification
The Simple:Press plugin for WordPress is vulnerable to arbitrary file modifications in versions up to, and including, 6.8 via the 'file' parameter which does not properly restrict files to be edited in the context of the plugin. This makes it possible with attackers, with high-level permissions...