8.1
CVE-2022-0403
- EPSS 0.29%
- Veröffentlicht 04.04.2022 16:15:09
- Zuletzt bearbeitet 21.11.2024 06:38:33
- Quelle contact@wpscan.com
- CVE-Watchlists
- Unerledigt
LoginBit File Manager – 100% free file manager for WordPress <= 5.2.2 - Subscriber+ Arbitrary File Creation/Upload/Deletion
The Library File Manager WordPress plugin before 5.2.3 is using an outdated version of the elFinder library, which is know to be affected by security issues (CVE-2021-32682), and does not have any authorisation as well as CSRF checks in its connector AJAX action, allowing any authenticated users, such as subscriber to call it. Furthermore, as the options passed to the elFinder library does not restrict any file type, users with a role as low as subscriber can Create/Upload/Delete Arbitrary files and folders.
Mögliche Gegenmaßnahme
File Manager: Update to version 5.2.3, or a newer patched version
Weitere Schwachstelleninformationen
SystemWordPress Plugin
≫
Produkt
File Manager
Version
* - 5.2.2
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Wpjos ≫ Library File Manager SwPlatformwordpress Version < 5.2.3
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.29% | 0.521 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 8.1 | 2.8 | 5.2 |
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
|
| nvd@nist.gov | 5.5 | 8 | 4.9 |
AV:N/AC:L/Au:S/C:N/I:P/A:P
|
CWE-434 Unrestricted Upload of File with Dangerous Type
The product allows the upload or transfer of dangerous file types that are automatically processed within its environment.