CVE-2022-1788

Due to missing checks the Change Uploaded File Permissions WordPress plugin through 4.0.0 is vulnerable to CSRF attacks. This can be used to change the file and folder permissions of any folder. This could be problematic when specific files like ini files are made readable for everyone due to this.
Configurations

Configuration 1 (hide)

cpe:2.3:a:change_uploaded_file_permissions_project:change_uploaded_file_permissions:*:*:*:*:*:wordpress:*:*

History

21 Nov 2024, 06:41

Type Values Removed Values Added
References () https://wpscan.com/vulnerability/c39719e5-dadd-4414-a96d-5e70a1e3d462 - Exploit, Third Party Advisory () https://wpscan.com/vulnerability/c39719e5-dadd-4414-a96d-5e70a1e3d462 - Exploit, Third Party Advisory

Information

Published : 2022-06-13 13:15

Updated : 2024-11-21 06:41


NVD link : CVE-2022-1788

Mitre link : CVE-2022-1788

CVE.ORG link : CVE-2022-1788


JSON object : View

Products Affected

change_uploaded_file_permissions_project

  • change_uploaded_file_permissions
CWE
CWE-352

Cross-Site Request Forgery (CSRF)