5 matches found
CVE-2022-0679
The Narnoo Distributor WordPress plugin through 2.5.1 fails to validate and sanitize the libpath parameter before it is passed into a call to require via the narnoodistributorlibrequest AJAX action available to both unauthenticated and authenticated users which results in the disclosure of...
CVE-2022-0679
creationtimestamp| type| source ---|---|--- 2022-03-28 22:41:49+00:00| seen| https://t.me/cibsecurity/39663 2024-12-21 00:00:00+00:00| exploited| The Shadowserver honeypot/exploited-vulnerabilities - 2024-12-21 2024-12-24 00:00:00+00:00| seen| The Shadowserver honeypot/common-vulnerabilities -...
CVE-2022-0679
The Narnoo Distributor WordPress plugin through 2.5.1 fails to validate and sanitize the libpath parameter before it is passed into a call to require via the narnoodistributorlibrequest AJAX action available to both unauthenticated and authenticated users which results in the disclosure of...
CVE-2022-0679
The Narnoo Distributor WordPress plugin through 2.5.1 fails to validate and sanitize the libpath parameter before it is passed into a call to require via the narnoodistributorlibrequest AJAX action available to both unauthenticated and authenticated users which results in the disclosure of...
CVE-2022-0679
CVE-2022-0679 affects the WordPress Narnoo Distributor plugin (versions = 2.5.2) or apply vendor-provided patches. If upgrading is not possible, mitigate where feasible by reviewing the handling of lib_path, access controls for the AJAX action, and server file permissions. This CVE description is...