4 matches found
CVE-2022-4298
The Wholesale Market WordPress plugin before 2.2.1 does not have authorisation check, as well as does not validate user input used to generate system path, allowing unauthenticated attackers to download arbitrary file from the server...
CVE-2022-4298 Wholesale Market < 2.2.1 - Unauthenticated Arbitrary File Download
The Wholesale Market WordPress plugin before 2.2.1 does not have authorisation check, as well as does not validate user input used to generate system path, allowing unauthenticated attackers to download arbitrary file from the server...
CVE-2022-4298 Wholesale Market < 2.2.1 - Unauthenticated Arbitrary File Download
The Wholesale Market WordPress plugin before 2.2.1 does not have authorisation check, as well as does not validate user input used to generate system path, allowing unauthenticated attackers to download arbitrary file from the server...
CVE-2022-4298
The CVE-2022-4298 issue affects the Wholesale Market WordPress plugin prior to version 2.2.1. The root cause is missing authorization checks and lack of validation for user input used to generate system paths, enabling unauthenticated attackers to download arbitrary files from the server (e.g., s...