Lucene search
K

5 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 11:0 p.m.6 views

CVE-2022-2554

The Enable Media Replace WordPress plugin before 4.0.0 does not ensure that renamed files are moved to the Upload folder, which could allow high privilege users such as admin to move them outside to the web root directory via a path traversal attack for example...

4.9CVSS6.7AI score0.00781EPSS
Exploits2References1
Circl
Circl
added 2023/12/11 2:6 p.m.4 views

CVE-2022-2554

creationtimestamp| type| source ---|---|--- 2023-12-11 14:06:40+00:00| seen| https://t.me/arpsyndicate/1750...

4.9CVSS5AI score0.00781EPSS
Exploits2References1
OpenVAS
OpenVAS
added 2023/08/01 12:0 a.m.11 views

WordPress Enable Media Replace Plugin < 4.0.0 Path Traversal Vulnerability

The WordPress plugin SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:shortpixel:enablemediareplace"; if description...

4.9CVSS5.3AI score0.00781EPSS
Exploits2References1
NVD
NVD
added 2022/10/10 9:15 p.m.26 views

CVE-2022-2554

The Enable Media Replace WordPress plugin before 4.0.0 does not ensure that renamed files are moved to the Upload folder, which could allow high privilege users such as admin to move them outside to the web root directory via a path traversal attack for example...

4.9CVSS0.00781EPSS
Exploits2References1
CVE
CVE
added 2022/10/10 12:0 a.m.67 views

CVE-2022-2554

The CVE-2022-2554 entry concerns the WordPress plugin Enable Media Replace (versions before 4.0.0). The root cause is that renamed files are not reliably moved into the Upload folder, enabling path traversal to place files outside the Upload directory, potentially in web root. Impact stated in so...

4.9CVSS5AI score0.00781EPSS
Exploits2References1Affected Software1
Rows per page
Query Builder