Lucene search
HistoryAug 22, 2022 - 3:15 p.m.
CVE-2022-33900
cve-2022-33900
php
object injection
easy digital downloads
wordpress
nvd
7.2 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
0.001 Low
EPSS
Percentile
42.8%
PHP Object Injection vulnerability in Easy Digital Downloads plugin <= 3.0.1 at WordPress.
Affected configurations
Node
easy_digital_downloadseasy_digital_downloadsRange≤3.0.1
| CPE | Name | Operator | Version |
|---|---|---|---|
| sandhillsdev:easy_digital_downloads | sandhillsdev easy digital downloads | le | 3.0.1 |
CNA Affected
[
{
"product": "Easy Digital Downloads",
"vendor": "Easy Digital Downloads",
"versions": [
{
"lessThanOrEqual": "3.0.1",
"status": "affected",
"version": "<= 3.0.1",
"versionType": "custom"
}
]
}
]References
Social References
More
Related
cvelist
cvelist
nvd
nvd
CVE-2022-33900
2022-08-22 15:15:15
patchstack
patchstack
prion
prion
Design/Logic Flaw
2022-08-22 15:15:00
wpvulndb
wpvulndb
Easy Digital Downloads < 3.0.2 - Admin+ PHP Object Injection
2022-08-10 00:00:00
7.2 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
0.001 Low
EPSS
Percentile
42.8%
Related for CVE-2022-33900