Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 10:20 p.m.16 views

CVE-2022-2046

The Directorist WordPress plugin before 7.2.3 allows administrators to download other plugins from the same vendor directly to the site, but does not check the URL domain it gets the zip files from. This could allow administrators to run code on the server, which is a problem in multisite...

4.9CVSS6.8AI score0.00764EPSS
Exploits2References1
Cvelist
Cvelist
added 2022/08/08 1:46 p.m.36 views

CVE-2022-2046 Directorist - Business Directory Plugin < 7.2.3 - Admin+ Arbitrary File Upload

The Directorist WordPress plugin before 7.2.3 allows administrators to download other plugins from the same vendor directly to the site, but does not check the URL domain it gets the zip files from. This could allow administrators to run code on the server, which is a problem in multisite...

5.5AI score0.00764EPSS
Exploits2References2
OSV
OSV
added 2022/08/08 1:46 p.m.5 views

CVE-2022-2046 Directorist - Business Directory Plugin < 7.2.3 - Admin+ Arbitrary File Upload

The Directorist WordPress plugin before 7.2.3 allows administrators to download other plugins from the same vendor directly to the site, but does not check the URL domain it gets the zip files from. This could allow administrators to run code on the server, which is a problem in multisite...

4.9CVSS6.1AI score0.00764EPSS
Exploits2References4
CVE
CVE
added 2022/08/08 1:46 p.m.61 views

CVE-2022-2046

CVE-2022-2046 (Directorist WordPress plugin) affects WordPress Directorist plugin versions prior to 7.2.3. The vulnerability arises because the plugin allows administrators to download other plugins from the vendor directly to the site without validating the ZIP source URL domain, enabling potent...

4.9CVSS5.1AI score0.00764EPSS
Exploits2References2Affected Software1
Rows per page
Query Builder