Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 1:19 a.m.9 views

CVE-2022-3076

The CM Download Manager WordPress plugin before 2.8.6 allows high privilege users such as admin to upload arbitrary files by setting the any extension via the plugin's setting, which could be used by admins of multisite blog to upload PHP files for example...

7.2CVSS6.8AI score0.01065EPSS
Exploits2References1
CVE
CVE
added 2022/09/26 12:35 p.m.75 views

CVE-2022-3076

CM Download Manager for WordPress (plugin before 2.8.6) allows high-privilege users (admin) to upload arbitrary files by adding extensions (e.g., PHP) in Settings, without proper validation. This can enable an authenticated admin to place malicious PHP files in the site uploads path, with PoC evi...

7.2CVSS6.9AI score0.01065EPSS
Exploits2References1Affected Software1
Vulnrichment
Vulnrichment
added 2022/09/26 12:35 p.m.6 views

CVE-2022-3076 CM Download Manager < 2.8.6 - Admin+ Arbitrary File Upload

The CM Download Manager WordPress plugin before 2.8.6 allows high privilege users such as admin to upload arbitrary files by setting the any extension via the plugin's setting, which could be used by admins of multisite blog to upload PHP files for example...

6.9AI score0.01065EPSS
Exploits2References1
Cvelist
Cvelist
added 2022/09/26 12:35 p.m.21 views

CVE-2022-3076 CM Download Manager < 2.8.6 - Admin+ Arbitrary File Upload

The CM Download Manager WordPress plugin before 2.8.6 allows high privilege users such as admin to upload arbitrary files by setting the any extension via the plugin's setting, which could be used by admins of multisite blog to upload PHP files for example...

7.1AI score0.01065EPSS
Exploits2References1
Rows per page
Query Builder