Lucene search
PatchstackVULNRICHMENT:CVE-2022-45374HistoryMay 17, 2024 - 6:28 a.m.
CVE-2022-45374 WordPress Yet Another Related Posts Plugin (YARPP) plugin <= 5.30.4 - Local File Inclusion
2024-05-1706:28:46
CWE-22
Patchstack
github.com
wordpress
yarpp
local file inclusion
cve-2022-45374
7.7 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N
6.8 Medium
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
10.6%
Improper Limitation of a Pathname to a Restricted Directory (‘Path Traversal’) vulnerability in YARPP allows PHP Local File Inclusion.This issue affects YARPP: from n/a through 5.30.4.
CNA Affected
[
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "yet-another-related-posts-plugin",
"product": "YARPP",
"vendor": "YARPP",
"versions": [
{
"changes": [
{
"at": "5.30.5",
"status": "unaffected"
}
],
"lessThanOrEqual": "5.30.4",
"status": "affected",
"version": "n/a",
"versionType": "custom"
}
]
}
]Related
cvelist
cvelist
nvd
nvd
CVE-2022-45374
2024-05-17 07:15:47
wpvulndb
wpvulndb
YARPP - Yet Another Related Posts Plugin < 5.30.5 - Subscriber+ LFI
2023-04-18 00:00:00
cve
cve
CVE-2022-45374
2024-05-17 07:15:47
openvas
openvas
WordPress YARPP Plugin < 5.30.3 Multiple Vulnerabilities
2023-04-14 00:00:00
wordfence
wordfence
7.7 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N
6.8 Medium
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
10.6%
Related for VULNRICHMENT:CVE-2022-45374