Lucene search
K

6 matches found

Nuclei
Nuclei
added yesterday19 views

WordPress Admin Word Count Column 2.2 - Local File Inclusion

The plugin does not validate the path parameter given to readfile, which could allow unauthenticated attackers to read arbitrary files on server running old version of PHP susceptible to the null byte technique. This could also lead to RCE by using a Phar Deserialization technique. id:...

9.8CVSS7.5AI score0.22133EPSS
Exploits2References5
EUVD
EUVD
added 2026/06/08 1:55 a.m.8 views

EUVD-2022-56000

WordPress Plugin admin-word-count-column 2.2 contains a local file read vulnerability that allows unauthenticated attackers to read arbitrary files by exploiting null byte injection in the path parameter. Attackers can send GET requests to download-csv.php with a crafted path parameter containing...

6.9CVSS5.6AI score0.00342EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/05/22 10:17 p.m.11 views

CVE-2022-1390

The Admin Word Count Column WordPress plugin through 2.2 does not validate the path parameter given to readfile, which could allow unauthenticated attackers to read arbitrary files on server running old version of PHP susceptible to the null byte technique. This could also lead to RCE by using a...

9.8CVSS7AI score0.22133EPSS
Exploits2References1
CVE
CVE
added 2022/04/25 3:51 p.m.105 views

CVE-2022-1390

CVE-2022-1390 affects the WordPress plugin Admin Word Count Column (versions

9.8CVSS9.6AI score0.22133EPSS
In wildExploits2References2Affected Software1
Cvelist
Cvelist
added 2022/04/25 3:51 p.m.31 views

CVE-2022-1390 Admin Word Count Column <= 2.2 - Unauthenticated Arbitrary File Read

The Admin Word Count Column WordPress plugin through 2.2 does not validate the path parameter given to readfile, which could allow unauthenticated attackers to read arbitrary files on server running old version of PHP susceptible to the null byte technique. This could also lead to RCE by using a...

9.7AI score0.22133EPSS
Exploits2References2
Exploit DB
Exploit DB
added 2022/03/30 12:0 a.m.297 views

WordPress Plugin admin-word-count-column 2.2 - Local File Read

Exploit Title: WordPress Plugin admin-word-count-column 2.2 - Local File Read Google Dork: inurl:/wp-content/plugins/admin-word-count-column/ Date: 27-03-2022 Exploit Author: Hassan Khan Yusufzai - Splint3r7 Vendor Homepage: https://wordpress.org/plugins/admin-word-count-column/ Version: 2.2...

7.4AI score
Exploits0
Rows per page
Query Builder