Lucene search
+L

4 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 11:17 p.m.6 views

CVE-2022-4109

The Wholesale Market for WooCommerce WordPress plugin before 2.0.0 does not validate user input against path traversal attacks, allowing high privilege users such as admin to download arbitrary logs from the server even when they should not be able to for example in multisite...

2.7CVSS6.7AI score0.00705EPSS
Exploits2References1
Vulnrichment
Vulnrichment
added 2023/01/02 9:49 p.m.6 views

CVE-2022-4109 Wholesale Market for WooCommerce < 2.0.0 - Admin+ Arbitrary Log Download

The Wholesale Market for WooCommerce WordPress plugin before 2.0.0 does not validate user input against path traversal attacks, allowing high privilege users such as admin to download arbitrary logs from the server even when they should not be able to for example in multisite...

3.7AI score0.00705EPSS
Exploits2References1
Cvelist
Cvelist
added 2023/01/02 9:49 p.m.23 views

CVE-2022-4109 Wholesale Market for WooCommerce < 2.0.0 - Admin+ Arbitrary Log Download

The Wholesale Market for WooCommerce WordPress plugin before 2.0.0 does not validate user input against path traversal attacks, allowing high privilege users such as admin to download arbitrary logs from the server even when they should not be able to for example in multisite...

4.1AI score0.00705EPSS
Exploits2References1
CVE
CVE
added 2023/01/02 9:49 p.m.63 views

CVE-2022-4109

The CVE-2022-4109 issue affects the Wholesale Market for WooCommerce WordPress plugin (pre-2.0.0). The root cause is failure to validate user input against path traversal, enabling high-privilege users (e.g., admins) to download arbitrary server logs, including in multisite contexts. Impact is po...

2.7CVSS3.5AI score0.00705EPSS
Exploits2References1Affected Software1
Rows per page
Query Builder