Showing 1 - 1 of 1

CVE-2022-0246

Status Candidate

Overview

The settings of the iQ Block Country WordPress plugin before 1.2.13 can be exported or imported using its backup functionality. An authorized user can import preconfigured settings of the plugin by uploading a zip file. After the uploading process, files in the uploaded zip file are extracted one by one. During the extraction process, existence of a file is checked. If the file exists, it is deleted without any security control by only considering the name of the extracted file. This behavior leads to "Zip Slip" vulnerability.

Related Files

WordPress iQ Block Country 1.2.13 Arbitrary File Deletion: Posted Mar 21, 2022; Authored by Ceylan Bozogullarindan; WordPress iQ Block Country plugin version 1.2.13 suffers from an arbitrary file deletion vulnerability.; tags | exploit, arbitrary; advisories | CVE-2022-0246; SHA-256 | f0010d1dc3064386061b5ec573e0ad6624d9a232d481f124beeca9af833a6844; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 204 files
Ubuntu 52 files
Debian 26 files
LiquidWorm 11 files
Valentin Lobstein 10 files
nu11secur1ty 7 files
Google Security Research 6 files
Milad Karimi 5 files
Jann Horn 4 files
Yevhenii Butenko 4 files

File Archives

Systems

AIX (429)
Apple (2,078)
BSD (376)
CentOS (58)
Cisco (1,927)
Debian (7,023)
Fedora (1,693)
FreeBSD (1,246)
Gentoo (4,467)
HPUX (880)
iOS (373)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (49,346)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (488)
RedHat (15,586)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,464)
UNIX (9,394)
UnixWare (187)
Windows (6,650)
Other

CVE-2022-0246

Overview

Related Files

File Archive:

April 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems