Lucene search
HistoryOct 21, 2022 - 4:15 p.m.
CVE-2022-38104
cve-2022-38104
wordpress
options change
biplob adhikari
accordions
plugin
vulnerability
nvd
7.2 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
0.001 Low
EPSS
Percentile
40.9%
Auth. WordPress Options Change (siteurl, users_can_register, default_role, admin_email and new_admin_email) vulnerability in Biplob Adhikari’s Accordions – Multiple Accordions or FAQs Builder plugin (versions <= 2.0.3 on WordPress.
Affected configurations
Node
biplob_adhikariaccordions_–_multiple_accordions_or_faqs_builder_\(wordpress_plugin\)Range≤2.0.3
| CPE | Name | Operator | Version |
|---|---|---|---|
| oxilab:accordions | oxilab accordions | lt | 2.1.0 |
CNA Affected
[
{
"vendor": "Biplob Adhikari",
"product": "Accordions – Multiple Accordions or FAQs Builder (WordPress plugin)",
"versions": [
{
"version": "<= 2.0.3",
"status": "affected",
"lessThanOrEqual": "2.0.3",
"versionType": "custom"
}
]
}
]References
Social References
More
Related
nvd
nvd
CVE-2022-38104
2022-10-21 16:15:10
patchstack
patchstack
cvelist
cvelist
prion
prion
Design/Logic Flaw
2022-10-21 16:15:00
wpvulndb
wpvulndb
Accordions < 2.1.0 - Authenticated Arbitrary Options Update
2022-09-29 00:00:00
7.2 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
0.001 Low
EPSS
Percentile
40.9%
Related for CVE-2022-38104