Lucene search
K

4 matches found

Nuclei
Nuclei
added 12 hours ago35 views

WordPress Admin Word Count Column 2.2 - Local File Inclusion

The plugin does not validate the path parameter given to readfile, which could allow unauthenticated attackers to read arbitrary files on server running old version of PHP susceptible to the null byte technique. This could also lead to RCE by using a Phar Deserialization technique. id:...

9.8CVSS7.1AI score0.22133EPSS
Exploits2References5
Circl
Circl
added 2025/05/10 12:0 a.m.43 views

CVE-2022-1390

creationtimestamp| type| source ---|---|--- 2025-05-10 00:00:00+00:00| exploited| The Shadowserver honeypot/exploited-vulnerabilities - 2025-05-10 2026-05-18 00:00:00+00:00| seen| The Shadowserver honeypot/common-vulnerabilities - 2026-05-18 2026-06-06 00:00:00+00:00| exploited| The Shadowserver...

9.8CVSS7.3AI score0.22133EPSS
In wildExploits2References3
Cvelist
Cvelist
added 2022/04/25 3:51 p.m.32 views

CVE-2022-1390 Admin Word Count Column <= 2.2 - Unauthenticated Arbitrary File Read

The Admin Word Count Column WordPress plugin through 2.2 does not validate the path parameter given to readfile, which could allow unauthenticated attackers to read arbitrary files on server running old version of PHP susceptible to the null byte technique. This could also lead to RCE by using a...

9.7AI score0.22133EPSS
Exploits2References2
CVE
CVE
added 2022/04/25 3:51 p.m.106 views

CVE-2022-1390

CVE-2022-1390 affects the WordPress plugin Admin Word Count Column (versions

9.8CVSS9.6AI score0.22133EPSS
In wildExploits2References2Affected Software1
Rows per page
Query Builder