Lucene search

WordfenceCVELIST:CVE-2022-4949

HistoryJun 07, 2023 - 1:51 a.m.

CVE-2022-4949

2023-06-0701:51:50

Wordfence

www.cve.org

adsanity

wordpress

file uploads

arbitrary

security vulnerability

remote code execution

cve-2022-4949

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

9.1 High

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

71.9%

JSON

The AdSanity plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the ‘ajax_upload’ function in versions up to, and including, 1.8.1. This makes it possible for authenticated attackers with Contributor+ level privileges to upload arbitrary files on the affected sites server which makes remote code execution possible.

CNA Affected

[
  {
    "vendor": "https://adsanityplugin.com/",
    "product": "AdSanity",
    "versions": [
      {
        "version": "*",
        "status": "affected",
        "lessThan": "1.8.2",
        "versionType": "semver"
      }
    ],
    "defaultStatus": "unaffected"
  }
]

References

www.openwall.com/lists/oss-security/2023/11/09/3

xenbits.xen.org/xsa/advisory-443.html

blog.nintechnet.com/critical-vulnerability-in-wordpress-adsanity-plugin/

www.wordfence.com/threat-intel/vulnerabilities/id/effd72d2-876d-4f8d-b1e4-5ab38eab401b?source=cve

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

9.1 High

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

71.9%

JSON

Related for CVELIST:CVE-2022-4949