Showing 1 - 1 of 1

CVE-2022-0246

Status Candidate

Overview

The settings of the iQ Block Country WordPress plugin before 1.2.13 can be exported or imported using its backup functionality. An authorized user can import preconfigured settings of the plugin by uploading a zip file. After the uploading process, files in the uploaded zip file are extracted one by one. During the extraction process, existence of a file is checked. If the file exists, it is deleted without any security control by only considering the name of the extracted file. This behavior leads to "Zip Slip" vulnerability.

Related Files

WordPress iQ Block Country 1.2.13 Arbitrary File Deletion: Posted Mar 21, 2022; Authored by Ceylan Bozogullarindan; WordPress iQ Block Country plugin version 1.2.13 suffers from an arbitrary file deletion vulnerability.; tags | exploit, arbitrary; advisories | CVE-2022-0246; SHA-256 | f0010d1dc3064386061b5ec573e0ad6624d9a232d481f124beeca9af833a6844; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 163 files
Ubuntu 101 files
indoushka 64 files
Debian 24 files
nu11secur1ty 19 files
Apple 13 files
CraCkEr 8 files
Google Security Research 7 files
Gentoo 7 files
LiquidWorm 4 files

File Archives

Systems

AIX (428)
Apple (2,016)
BSD (374)
CentOS (57)
Cisco (1,925)
Debian (6,844)
Fedora (1,692)
FreeBSD (1,245)
Gentoo (4,329)
HPUX (879)
iOS (355)
iPhone (108)
IRIX (220)
Juniper (68)
Linux (46,815)
Mac OS X (687)
Mandriva (3,105)
NetBSD (256)
OpenBSD (485)
RedHat (13,916)
Slackware (941)
Solaris (1,610)
SUSE (1,444)
Ubuntu (8,940)
UNIX (9,317)
UnixWare (186)
Windows (6,588)
Other

CVE-2022-0246

Overview

Related Files

File Archive:

September 2023

Top Authors In Last 30 Days

File Tags

File Archives

Systems