Lucene search
K

10 matches found

Nuclei
Nuclei
added 9 hours ago19 views

WordPress Admin Word Count Column 2.2 - Local File Inclusion

The plugin does not validate the path parameter given to readfile, which could allow unauthenticated attackers to read arbitrary files on server running old version of PHP susceptible to the null byte technique. This could also lead to RCE by using a Phar Deserialization technique. id:...

9.8CVSS7.5AI score0.22133EPSS
Exploits2References5
EUVD
EUVD
added 2026/06/08 1:55 a.m.8 views

EUVD-2022-56000

WordPress Plugin admin-word-count-column 2.2 contains a local file read vulnerability that allows unauthenticated attackers to read arbitrary files by exploiting null byte injection in the path parameter. Attackers can send GET requests to download-csv.php with a crafted path parameter containing...

6.9CVSS5.6AI score0.00342EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/06/08 1:55 a.m.6 views

CVE-2022-50953 WordPress Plugin admin-word-count-column 2.2 Local File Read

WordPress Plugin admin-word-count-column 2.2 contains a local file read vulnerability that allows unauthenticated attackers to read arbitrary files by exploiting null byte injection in the path parameter. Attackers can send GET requests to download-csv.php with a crafted path parameter containing...

6.9CVSS5.6AI score0.00342EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/05/22 10:17 p.m.11 views

CVE-2022-1390

The Admin Word Count Column WordPress plugin through 2.2 does not validate the path parameter given to readfile, which could allow unauthenticated attackers to read arbitrary files on server running old version of PHP susceptible to the null byte technique. This could also lead to RCE by using a...

9.8CVSS7AI score0.22133EPSS
Exploits2References1
CNVD
CNVD
added 2022/04/27 12:0 a.m.25 views

WordPress plugin Admin Word Count Column arbitrary file reading vulnerability

WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plug-in. PHP is a scripting language that executes on the server side. WordPress plugin Admin An arbitrary file reading vulnerability exists in Word Count Column 2.2 and earlier versions, which...

9.8CVSS2.3AI score0.22133EPSS
Exploits2References1
Cvelist
Cvelist
added 2022/04/25 3:51 p.m.31 views

CVE-2022-1390 Admin Word Count Column <= 2.2 - Unauthenticated Arbitrary File Read

The Admin Word Count Column WordPress plugin through 2.2 does not validate the path parameter given to readfile, which could allow unauthenticated attackers to read arbitrary files on server running old version of PHP susceptible to the null byte technique. This could also lead to RCE by using a...

9.7AI score0.22133EPSS
Exploits2References2
CVE
CVE
added 2022/04/25 3:51 p.m.105 views

CVE-2022-1390

CVE-2022-1390 affects the WordPress plugin Admin Word Count Column (versions

9.8CVSS9.6AI score0.22133EPSS
In wildExploits2References2Affected Software1
CNNVD
CNNVD
added 2022/04/25 12:0 a.m.4 views

WordPress plugin Admin Word Count Column路径遍历漏洞

WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plug-in. PHP is a scripting language that executes on the server side. WordPress plugin Admin An arbitrary file reading vulnerability exists in Word Count Column 2.2 and earlier versions, which...

9.8CVSS5.7AI score0.22133EPSS
Exploits2References4
Exploit DB
Exploit DB
added 2022/03/30 12:0 a.m.296 views

WordPress Plugin admin-word-count-column 2.2 - Local File Read

Exploit Title: WordPress Plugin admin-word-count-column 2.2 - Local File Read Google Dork: inurl:/wp-content/plugins/admin-word-count-column/ Date: 27-03-2022 Exploit Author: Hassan Khan Yusufzai - Splint3r7 Vendor Homepage: https://wordpress.org/plugins/admin-word-count-column/ Version: 2.2...

7.4AI score
Exploits0
Patchstack
Patchstack
added 2022/03/29 12:0 a.m.19 views

WordPress Admin Word Count Column plugin <= 2.2 - Unauthenticated Arbitrary File Read vulnerability

Unauthenticated Arbitrary File Read vulnerability discovered by Hassan Khan Yusufzai Splint3r7 in WordPress Admin Word Count Column plugin versions = 2.2. Solution Deactivate and delete. This plugin has been closed as of March 29, 2022 and is not available for download. This closure is temporary,...

9.8CVSS1.7AI score0.22133EPSS
Exploits2References3Affected Software1
Rows per page
Query Builder