Lucene search
+L

4 matches found

redhatcve
redhatcve
added 2025/05/22 11:15 p.m.5 views

CVE-2022-3881

The WP Tools Increase Maximum Limits, Repair, Server PHP Info, Javascript errors, File Permissions, Transients, Error Log WordPress plugin before 3.43 does not have proper authorisation and CSRF in an AJAX action, allowing any authenticated users, such as subscriber to call it and install and...

5.7CVSS5.7AI score0.00438EPSS
Exploits1References1
cve
cve
added 2022/12/12 5:54 p.m.54 views

CVE-2022-3881

CVE-2022-3881 concerns the WordPress WPTools plugin, affected versions before 3.43. The issue is improper authorization and CSRF in an AJAX action, allowing any authenticated user (e.g., a subscriber) to install and activate arbitrary plugins from wordpress.org. Root cause: missing CSRF/authoriza...

5.7CVSS5.6AI score0.00438EPSS
Exploits1References1Affected Software1
vulnrichment
vulnrichment
added 2022/12/12 5:54 p.m.6 views

CVE-2022-3881 WPTools < 3.43 - Subscriber+ Arbitrary Plugin Installation

The WP Tools Increase Maximum Limits, Repair, Server PHP Info, Javascript errors, File Permissions, Transients, Error Log WordPress plugin before 3.43 does not have proper authorisation and CSRF in an AJAX action, allowing any authenticated users, such as subscriber to call it and install and...

7.1AI score0.00438EPSS
Exploits1References1
cvelist
cvelist
added 2022/12/12 5:54 p.m.42 views

CVE-2022-3881 WPTools < 3.43 - Subscriber+ Arbitrary Plugin Installation

The WP Tools Increase Maximum Limits, Repair, Server PHP Info, Javascript errors, File Permissions, Transients, Error Log WordPress plugin before 3.43 does not have proper authorisation and CSRF in an AJAX action, allowing any authenticated users, such as subscriber to call it and install and...

5.9AI score0.00438EPSS
Exploits1References1
Rows per page
Query Builder