The WordPress Infinite Scroll – Ajax Load More plugin for Wordpress is vulnerable to arbitrary file reading in versions up to, and including, 5.5.3 due to insufficient file path validation on the alm_repeaters_export() function. This makes it possible for authenticated attackers, with administrative privileges, to download arbitrary files hosted on the server that may contain sensitive content, such as the wp-config.php file.
References
Link | Resource |
---|---|
https://gist.github.com/Xib3rR4dAr/f9a4b4838154854ec6cde7d5deb76bf9 | Exploit Third Party Advisory |
https://plugins.svn.wordpress.org/ajax-load-more/tags/5.5.4/README.txt | Release Notes |
https://www.wordfence.com/threat-intel/vulnerabilities/id/6d643d07-7533-430b-a1d8-8e66a2a2c5e6?source=cve | Third Party Advisory |
https://www.wordfence.com/vulnerability-advisories/#CVE-2022-2943 | Third Party Advisory |
Configurations
History
07 Nov 2023, 03:47
Type | Values Removed | Values Added |
---|---|---|
CWE |
02 Nov 2023, 02:16
Type | Values Removed | Values Added |
---|---|---|
References | (MISC) https://www.wordfence.com/threat-intel/vulnerabilities/id/6d643d07-7533-430b-a1d8-8e66a2a2c5e6?source=cve - Third Party Advisory |
20 Oct 2023, 16:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
20 Jul 2023, 18:06
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-22 |
Information
Published : 2022-09-06 18:15
Updated : 2024-02-28 19:29
NVD link : CVE-2022-2943
Mitre link : CVE-2022-2943
CVE.ORG link : CVE-2022-2943
JSON object : View
Products Affected
connekthq
- ajax_load_more
CWE
CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')