Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
wpvulndbWpvulndbWPVDB-ID:2ADF2457-707B-4D2E-81D9-D1BF304E52BA
HistoryNov 30, 2022 - 12:00 a.m.

Easy WP SMTP < 1.5.2 - Admin+ Arbitrary File Deletion

2022-11-3000:00:00
wpscan.com
9
easy wp smtp
admin
arbitrary
file deletion
validation
traversal attack
multisite

EPSS

0.001

Percentile

34.8%

JSON

The plugin does not validate some user input used to generate paths, which could allow high privilege users such as admin to delete arbitrary files (even when they should not be able to, for example in multisite) via a traversal attack

Related

cvelist 1
prion 1
nvd 1
cve 1
nessus 1
openvas 1
cvelist
cvelist
CVE-2022-45829 WordPress Easy WP SMTP Plugin <= 1.5.1 is vulnerable to Arbitrary File Deletion
2022-12-06 21:53:04
prion
prion
Path traversal
2022-12-06 22:15:00
nvd
nvd
CVE-2022-45829
2022-12-06 22:15:10
cve
cve
CVE-2022-45829
2022-12-06 22:15:10
nessus
nessus
Easy WP SMTP Plugin for WordPress < 1.5.2 Multiple Vulnerabilities
2023-09-13 00:00:00
openvas
openvas
WordPress Easy WP SMTP Plugin < 1.5.2 Multiple Vulnerabilities
2022-12-07 00:00:00

EPSS

0.001

Percentile

34.8%

JSON
Related for WPVDB-ID:2ADF2457-707B-4D2E-81D9-D1BF304E52BA
cvelist1prion1nvd1cve1nessus1openvas1