Lucene search
PatchstackCVE-2022-36386HistorySep 21, 2022 - 8:15 p.m.
CVE-2022-36386
2022-09-2120:15:10
CWE-434
Patchstack
web.nvd.nist.gov
34
8
cve-2022-36386
authenticated
arbitrary code execution
soflyy
import
wordpress
nvd
CVSS3
9.1
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
EPSS
0.001
Percentile
47.2%
Authenticated Arbitrary Code Execution vulnerability in Soflyy Import any XML or CSV File to WordPress plugin <= 3.6.7 at WordPress.
Affected configurations
Node
soflyywp_all_importRange≤3.6.7wordpress
| Vendor | Product | Version | CPE |
|---|---|---|---|
| soflyy | wp_all_import | * | cpe:2.3:a:soflyy:wp_all_import:*:*:*:*:*:wordpress:*:* |
CNA Affected
[
{
"product": "Import any XML or CSV File to WordPress (WordPress plugin)",
"vendor": "Soflyy",
"versions": [
{
"lessThanOrEqual": "3.6.7",
"status": "affected",
"version": "<= 3.6.7",
"versionType": "custom"
}
]
}
]References
Social References
More
Related
nvd
nvd
CVE-2022-36386
2022-09-21 20:15:10
prion
prion
Remote code execution
2022-09-21 20:15:00
wpvulndb
wpvulndb
cvelist
cvelist
openvas
openvas
patchstack
patchstack
CVSS3
9.1
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
EPSS
0.001
Percentile
47.2%
Related for CVE-2022-36386