Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 12:35 a.m.7 views

CVE-2022-4298

The Wholesale Market WordPress plugin before 2.2.1 does not have authorisation check, as well as does not validate user input used to generate system path, allowing unauthenticated attackers to download arbitrary file from the server...

9.8CVSS7AI score0.01833EPSS
Exploits2References1
Vulnrichment
Vulnrichment
added 2023/01/02 9:49 p.m.6 views

CVE-2022-4298 Wholesale Market < 2.2.1 - Unauthenticated Arbitrary File Download

The Wholesale Market WordPress plugin before 2.2.1 does not have authorisation check, as well as does not validate user input used to generate system path, allowing unauthenticated attackers to download arbitrary file from the server...

9.6AI score0.01833EPSS
Exploits2References1
Cvelist
Cvelist
added 2023/01/02 9:49 p.m.21 views

CVE-2022-4298 Wholesale Market < 2.2.1 - Unauthenticated Arbitrary File Download

The Wholesale Market WordPress plugin before 2.2.1 does not have authorisation check, as well as does not validate user input used to generate system path, allowing unauthenticated attackers to download arbitrary file from the server...

9.8AI score0.01833EPSS
Exploits2References1
CVE
CVE
added 2023/01/02 9:49 p.m.63 views

CVE-2022-4298

The CVE-2022-4298 issue affects the Wholesale Market WordPress plugin prior to version 2.2.1. The root cause is missing authorization checks and lack of validation for user input used to generate system paths, enabling unauthenticated attackers to download arbitrary files from the server (e.g., s...

9.8CVSS9.7AI score0.01833EPSS
Exploits2References1Affected Software1
Rows per page
Query Builder