Showing 1 - 1 of 1

CVE-2022-0779

Status Candidate

Overview

The User Meta WordPress plugin before 2.4.4 does not validate the filepath parameter of its um_show_uploaded_file AJAX action, which could allow low privileged users such as subscriber to enumerate the local files on the web server via path traversal payloads

Related Files

WordPress User Meta Lite / Pro 2.4.3 Path Traversal: Posted May 30, 2022; Authored by Julien Ahrens | Site rcesecurity.com; WordPress User Meta Lite and Pro plugin versions 2.4.3 and below suffer from a path traversal vulnerability.; tags | exploit, file inclusion; advisories | CVE-2022-0779; SHA-256 | 9f5dfc7d061a12ed0156906753e063fd8b488898a8f4b2709039a9ee6f78125f; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 244 files
Ubuntu 86 files
Gentoo 31 files
Debian 17 files
tmrswrr 8 files
Sina Kheirkhah 7 files
indoushka 5 files
Rodolfo Tavares 4 files
nu11secur1ty 3 files
bRpsd 3 files

File Archives

Systems

AIX (429)
Apple (2,090)
BSD (376)
CentOS (58)
Cisco (1,927)
Debian (7,082)
Fedora (1,693)
FreeBSD (1,246)
Gentoo (4,531)
HPUX (880)
iOS (376)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (50,456)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (489)
RedHat (16,351)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,673)
UNIX (9,429)
UnixWare (187)
Windows (6,667)
Other

CVE-2022-0779

Overview

Related Files

File Archive:

July 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems